undone

src/server/api/routers/auth.ts

@@ -7,13 +7,6 @@ import { ConnectionFactory, hashPassword, checkPassword } from "~/server/utils";
 import { SignJWT, jwtVerify } from "jose";
 import { setCookie, getCookie } from "vinxi/http";
 import type { User } from "~/types/user";
-import {
-  emailSchema,
-  passwordSchema,
-  registrationSchema,
-  loginSchema,
-  passwordResetSchema
-} from "~/server/api/schemas/validation";
 
 // Helper to create JWT token
 async function createJWT(
@@ -246,7 +239,7 @@ export const authRouter = createTRPCRouter({
   emailLogin: publicProcedure
     .input(
       z.object({
-        email: emailSchema,
+        email: z.string().email(),
         token: z.string(),
         rememberMe: z.boolean().optional()
       })
@@ -324,7 +317,7 @@ export const authRouter = createTRPCRouter({
   emailVerification: publicProcedure
     .input(
       z.object({
-        email: emailSchema,
+        email: z.string().email(),
         token: z.string()
       })
     )
@@ -367,9 +360,22 @@ export const authRouter = createTRPCRouter({
 
   // Email/password registration
   emailRegistration: publicProcedure
-    .input(registrationSchema)
+    .input(
+      z.object({
+        email: z.string().email(),
+        password: z.string().min(8),
+        passwordConfirmation: z.string().min(8)
+      })
+    )
     .mutation(async ({ input, ctx }) => {
-      const { email, password } = input;
+      const { email, password, passwordConfirmation } = input;
+
+      if (password !== passwordConfirmation) {
+        throw new TRPCError({
+          code: "BAD_REQUEST",
+          message: "passwordMismatch"
+        });
+      }
 
       const passwordHash = await hashPassword(password);
       const conn = ConnectionFactory();
@@ -405,7 +411,13 @@ export const authRouter = createTRPCRouter({
 
   // Email/password login
   emailPasswordLogin: publicProcedure
-    .input(loginSchema)
+    .input(
+      z.object({
+        email: z.string().email(),
+        password: z.string(),
+        rememberMe: z.boolean().optional()
+      })
+    )
     .mutation(async ({ input, ctx }) => {
       const { email, password, rememberMe } = input;
 
@@ -465,7 +477,7 @@ export const authRouter = createTRPCRouter({
   requestEmailLinkLogin: publicProcedure
     .input(
       z.object({
-        email: emailSchema,
+        email: z.string().email(),
         rememberMe: z.boolean().optional()
       })
     )
@@ -570,7 +582,7 @@ export const authRouter = createTRPCRouter({
 
   // Request password reset
   requestPasswordReset: publicProcedure
-    .input(z.object({ email: emailSchema }))
+    .input(z.object({ email: z.string().email() }))
     .mutation(async ({ input, ctx }) => {
       const { email } = input;
 
@@ -669,9 +681,22 @@ export const authRouter = createTRPCRouter({
 
   // Reset password with token
   resetPassword: publicProcedure
-    .input(passwordResetSchema)
+    .input(
+      z.object({
+        token: z.string(),
+        newPassword: z.string().min(8),
+        newPasswordConfirmation: z.string().min(8)
+      })
+    )
     .mutation(async ({ input, ctx }) => {
-      const { token, newPassword } = input;
+      const { token, newPassword, newPasswordConfirmation } = input;
+
+      if (newPassword !== newPasswordConfirmation) {
+        throw new TRPCError({
+          code: "BAD_REQUEST",
+          message: "Password Mismatch"
+        });
+      }
 
       try {
         // Verify JWT token
@@ -718,7 +743,7 @@ export const authRouter = createTRPCRouter({
 
   // Resend email verification
   resendEmailVerification: publicProcedure
-    .input(z.object({ email: emailSchema }))
+    .input(z.object({ email: z.string().email() }))
     .mutation(async ({ input, ctx }) => {
       const { email } = input;
 
@@ -827,3 +852,4 @@ export const authRouter = createTRPCRouter({
     return { success: true };
   })
 });
+