Updated
This commit is contained in:
47
src/pages/api/organizations/update-name.ts
Normal file
47
src/pages/api/organizations/update-name.ts
Normal file
@@ -0,0 +1,47 @@
|
||||
import type { APIRoute } from 'astro';
|
||||
import { db } from '../../../db';
|
||||
import { organizations, members } from '../../../db/schema';
|
||||
import { eq } from 'drizzle-orm';
|
||||
|
||||
export const POST: APIRoute = async ({ request, locals, redirect }) => {
|
||||
const user = locals.user;
|
||||
if (!user) {
|
||||
return redirect('/login');
|
||||
}
|
||||
|
||||
const formData = await request.formData();
|
||||
const organizationId = formData.get('organizationId') as string;
|
||||
const name = formData.get('name') as string;
|
||||
|
||||
if (!organizationId || !name || name.trim().length === 0) {
|
||||
return new Response('Organization ID and name are required', { status: 400 });
|
||||
}
|
||||
|
||||
try {
|
||||
// Verify user is admin/owner of this organization
|
||||
const membership = await db.select()
|
||||
.from(members)
|
||||
.where(eq(members.userId, user.id))
|
||||
.get();
|
||||
|
||||
if (!membership || membership.organizationId !== organizationId) {
|
||||
return new Response('Not authorized', { status: 403 });
|
||||
}
|
||||
|
||||
const isAdmin = membership.role === 'owner' || membership.role === 'admin';
|
||||
if (!isAdmin) {
|
||||
return new Response('Only owners and admins can update organization settings', { status: 403 });
|
||||
}
|
||||
|
||||
// Update organization name
|
||||
await db.update(organizations)
|
||||
.set({ name: name.trim() })
|
||||
.where(eq(organizations.id, organizationId))
|
||||
.run();
|
||||
|
||||
return redirect('/dashboard/team/settings?success=org-name');
|
||||
} catch (error) {
|
||||
console.error('Error updating organization name:', error);
|
||||
return new Response('Failed to update organization name', { status: 500 });
|
||||
}
|
||||
};
|
||||
61
src/pages/api/user/change-password.ts
Normal file
61
src/pages/api/user/change-password.ts
Normal file
@@ -0,0 +1,61 @@
|
||||
import type { APIRoute } from 'astro';
|
||||
import { db } from '../../../db';
|
||||
import { users } from '../../../db/schema';
|
||||
import { eq } from 'drizzle-orm';
|
||||
import bcrypt from 'bcryptjs';
|
||||
|
||||
export const POST: APIRoute = async ({ request, locals, redirect }) => {
|
||||
const user = locals.user;
|
||||
if (!user) {
|
||||
return redirect('/login');
|
||||
}
|
||||
|
||||
const formData = await request.formData();
|
||||
const currentPassword = formData.get('currentPassword') as string;
|
||||
const newPassword = formData.get('newPassword') as string;
|
||||
const confirmPassword = formData.get('confirmPassword') as string;
|
||||
|
||||
if (!currentPassword || !newPassword || !confirmPassword) {
|
||||
return new Response('All fields are required', { status: 400 });
|
||||
}
|
||||
|
||||
if (newPassword !== confirmPassword) {
|
||||
return new Response('New passwords do not match', { status: 400 });
|
||||
}
|
||||
|
||||
if (newPassword.length < 8) {
|
||||
return new Response('Password must be at least 8 characters', { status: 400 });
|
||||
}
|
||||
|
||||
try {
|
||||
// Get current user from database
|
||||
const dbUser = await db.select()
|
||||
.from(users)
|
||||
.where(eq(users.id, user.id))
|
||||
.get();
|
||||
|
||||
if (!dbUser) {
|
||||
return new Response('User not found', { status: 404 });
|
||||
}
|
||||
|
||||
// Verify current password
|
||||
const passwordMatch = await bcrypt.compare(currentPassword, dbUser.passwordHash);
|
||||
if (!passwordMatch) {
|
||||
return new Response('Current password is incorrect', { status: 400 });
|
||||
}
|
||||
|
||||
// Hash new password
|
||||
const hashedPassword = await bcrypt.hash(newPassword, 10);
|
||||
|
||||
// Update password
|
||||
await db.update(users)
|
||||
.set({ passwordHash: hashedPassword })
|
||||
.where(eq(users.id, user.id))
|
||||
.run();
|
||||
|
||||
return redirect('/dashboard/settings?success=password');
|
||||
} catch (error) {
|
||||
console.error('Error changing password:', error);
|
||||
return new Response('Failed to change password', { status: 500 });
|
||||
}
|
||||
};
|
||||
30
src/pages/api/user/update-profile.ts
Normal file
30
src/pages/api/user/update-profile.ts
Normal file
@@ -0,0 +1,30 @@
|
||||
import type { APIRoute } from 'astro';
|
||||
import { db } from '../../../db';
|
||||
import { users } from '../../../db/schema';
|
||||
import { eq } from 'drizzle-orm';
|
||||
|
||||
export const POST: APIRoute = async ({ request, locals, redirect }) => {
|
||||
const user = locals.user;
|
||||
if (!user) {
|
||||
return redirect('/login');
|
||||
}
|
||||
|
||||
const formData = await request.formData();
|
||||
const name = formData.get('name') as string;
|
||||
|
||||
if (!name || name.trim().length === 0) {
|
||||
return new Response('Name is required', { status: 400 });
|
||||
}
|
||||
|
||||
try {
|
||||
await db.update(users)
|
||||
.set({ name: name.trim() })
|
||||
.where(eq(users.id, user.id))
|
||||
.run();
|
||||
|
||||
return redirect('/dashboard/settings?success=profile');
|
||||
} catch (error) {
|
||||
console.error('Error updating profile:', error);
|
||||
return new Response('Failed to update profile', { status: 500 });
|
||||
}
|
||||
};
|
||||
Reference in New Issue
Block a user