adjust email/pass addition flow, blog ttl extended

2026-01-07 21:21:27 -05:00
parent ca28237d13
commit 8f241ce611
6 changed files with 92 additions and 23 deletions
--- a/src/server/api/routers/user.ts
+++ b/src/server/api/routers/user.ts
@@ -244,6 +244,14 @@ export const userRouter = createTRPCRouter({
        });
      }

+      // For OAuth accounts, require verified email before setting password
+      if (user.provider !== "email" && (!user.email || !user.email_verified)) {
+        throw new TRPCError({
+          code: "BAD_REQUEST",
+          message: "Email verification required before setting password"
+        });
+      }
+
      const passwordHash = await hashPassword(newPassword);
      await conn.execute({
        sql: "UPDATE User SET password_hash = ? WHERE id = ?",