diff --git a/src/app/admin/settings/user/page.tsx b/src/app/admin/settings/user/page.tsx
index 0ac37c5..cd8ebfb 100644
--- a/src/app/admin/settings/user/page.tsx
+++ b/src/app/admin/settings/user/page.tsx
@@ -40,16 +40,22 @@ export default function UserProfilePage() { register, handleSubmit, reset, - formState: { errors }, + formState: { errors, isDirty }, } = useForm({ resolver: zodResolver(userProfileSchema), + defaultValues: { + name: "", + email: "", + password: "", + confirmPassword: "" + } }); useEffect(() => { async function fetchUser() { const user = await getUser(); if (user) { - reset({ name: user.name, email: user.email }); + reset({ name: user.name, email: user.email, password: "", confirmPassword: "" }); } } fetchUser();
@@ -68,7 +74,7 @@ export default function UserProfilePage() { title: "Profile Updated", description: "Your profile has been updated successfully.", }); - // Clear password fields after successful submission + // Clear password fields and reset dirty state after successful submission reset({ ...data, password: '', confirmPassword: '' }); } else { toast({
@@ -112,7 +118,7 @@ export default function UserProfilePage() { -
diff --git a/src/lib/actions/user.ts b/src/lib/actions/user.ts
index f1ce3f9..b3fe113 100644
--- a/src/lib/actions/user.ts
+++ b/src/lib/actions/user.ts
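Review bot: The `reset(...)` inside `fetchUser` runs only after `getUser()` resolves, so anything the user has typed in the meantime — including the password fields this change now explicitly blanks — would be overwritten by the fetched values; if that is not intended, pass `{ keepDirtyValues: true }` as the second argument to `reset` so only untouched fields are replaced. `isDirty` is added to the destructuring but is not used in any readable part of this diff; it presumably drives the submit button in the third hunk, whose content did not survive rendering, so that cannot be confirmed here. The new `defaultValues` literal uses double-quoted empty strings while the `reset` in the next hunk uses single quotes for the same fields; pick one style and consider a shared constant such as `const emptyPasswords = { password: "", confirmPassword: "" };` so the two reset sites cannot drift. The enclosing `UserProfilePage` component begins before this hunk.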
@@ -32,18 +32,20 @@ export async function updateUser( ): Promise<{ success: boolean; error?: string }> { const session = await getSession(); if (!session?.userId) { - return { success: false, error: 'Not authenticated' }; + return { success: false, error: 'Not authenticated. Please log in again.' }; } const validated = UserUpdateSchema.safeParse(data); if (!validated.success) { - return { success: false, error: 'Invalid data' }; + const errors = validated.error.flatten().fieldErrors; + const firstError = Object.values(errors)[0]?.[0] ?? 'Invalid data provided.'; + return { success: false, error: firstError }; } const { name, email, password } = validated.data; try { - if (password && password.length > 0) { + if (password && password.trim().length > 0) { // In a real application, hash the password const stmt = db.prepare( 'UPDATE users SET name = ?, email = ?, password = ? WHERE id = ?'
@@ -59,6 +61,6 @@ export async function updateUser( if (error.code === 'SQLITE_CONSTRAINT_UNIQUE') { return { success: false, error: 'Email already in use.' }; } - return { success: false, error: 'Failed to update user profile.' }; + return { success: false, error: 'Failed to update user profile due to a server error.' }; } }
diff --git a/src/lib/auth.ts b/src/lib/auth.ts
index 3972054..a78b1f9 100644
--- a/src/lib/auth.ts
+++ b/src/lib/auth.ts
@@ -31,6 +31,7 @@ export async function signIn(formData: FormData) { name: user.name, }; + // Set the session cookie cookies().set('session', JSON.stringify(sessionData), { httpOnly: true, secure: process.env.NODE_ENV === 'production',
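Review bot: The new error extraction reads only `flatten().fieldErrors`, so any schema-level issue that zod reports in `formErrors` (a `.refine` without a `path`, which is how a password/confirmPassword match check is commonly written) falls through to the generic `'Invalid data provided.'` and the caller never learns why the update was rejected; read both: `const { fieldErrors, formErrors } = validated.error.flatten();` and `const firstError = Object.values(fieldErrors)[0]?.[0] ?? formErrors[0] ?? 'Invalid data provided.';`. The revised guard `password.trim().length > 0` now decides whether a password is written, but the value bound into the `UPDATE` on the following lines is still the raw `password`, and the surviving comment `// In a real application, hash the password` says it is stored in plaintext — a slow KDF (Node's `crypto.scrypt` or bcrypt) should be applied before binding rather than left as a TODO in a change that touches this very branch. Trimming is also applied only to the check, so a password with surrounding whitespace is accepted and stored untrimmed; document which behaviour is intended, e.g. `// whitespace-only input means "unchanged"; otherwise the password is stored exactly as typed`. The `try` block and `updateUser` continue beyond this hunk.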
@@ -55,18 +56,23 @@ export async function signOut() { } export async function getSession() { - const cookieStore = cookies(); - const sessionCookie = cookieStore.get('session'); + const sessionCookie = cookies().get('session'); - if (!sessionCookie) { + if (!sessionCookie?.value) { return null; } + try { const session = JSON.parse(sessionCookie.value); - return session; + // Basic validation to ensure the session object has expected properties + if (session && typeof session === 'object' && session.userId) { + return session as User & { isLoggedIn: boolean; userId: number }; + } + return null; } catch (error) { console.error('Failed to parse session cookie:', error); + // If parsing fails, the cookie is invalid. Clear it. + cookies().delete('session'); return null; } -} - +}
\ No newline at end of file
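Review bot: The added `session.userId` check and the `as User & { isLoggedIn: boolean; userId: number }` cast treat the cookie payload as authoritative, yet as far as this diff shows the `session` cookie is plain `JSON.stringify(sessionData)` written by `signIn` with no signature or encryption, so its contents are client-controlled and this "validation" confirms shape, not authenticity — `httpOnly`/`secure` protect the cookie in transit and from scripts, not from being edited by its own holder. Sign the value in `signIn` (an HMAC over the payload with a server-side secret via `crypto`, or a sealed-session/JWT library already vetted for this) and verify it here before `JSON.parse`, with a comment such as `// Cookie is signed; reject before parsing if the MAC does not verify.`. Calling `cookies().delete('session')` inside `getSession()` is also a problem: in Next.js, cookie mutation is only allowed in Server Actions and Route Handlers, and `getSession` appears to be reached from page rendering (via `getUser` in `page.tsx`), where the delete would throw instead of the function returning `null`; clear the cookie in `signOut` or in the action that observes the bad session. The structural check itself is also weaker than it looks — a truthy test on `userId` rejects `0` and accepts any non-empty string — so the `try`/`catch` below is rewritten as a type-narrowing guard without the cookie mutation; the signature verification still has to go in front of it.
```typescript
  try {
    const session: unknown = JSON.parse(sessionCookie.value);
    // Shape check only: the cookie is client-controlled, so userId is a claim,
    // not a fact, until the cookie value has been signed and verified.
    if (
      typeof session === 'object' &&
      session !== null &&
      'userId' in session &&
      typeof session.userId === 'number'
    ) {
      return session as User & { isLoggedIn: boolean; userId: number };
    }
    return null;
  } catch (error) {
    console.error('Failed to parse session cookie:', error);
    // Do not mutate cookies here; getSession() may run during a render.
    return null;
  }
```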