feat: make validatePassword async and pass user to args

darkbasic · darkbasic · commit 88f017d4556d · 2023-11-26T18:51:52.000+01:00
diff --git a/.changeset/perfect-donkeys-study.md b/.changeset/perfect-donkeys-study.md
@@ -0,0 +1,5 @@
+---
+'@accounts/password': minor
+---
+
+Make validatePassword async and pass user to args
diff --git a/packages/password/src/accounts-password.ts b/packages/password/src/accounts-password.ts
@@ -127,7 +127,7 @@ export interface AccountsPasswordOptions {
    * Function that check if the password is valid.
    * This function will be called when you call `createUser` and `changePassword`.
    */
-  validatePassword?: (password?: string) => boolean;
+  validatePassword?: <T extends User>(password?: string, user?: T) => Promise<boolean>;
   /**
    * Function that check if the username is a valid username.
    * This function will be called when you call `createUser`.
@@ -164,7 +164,7 @@ const defaultOptions = {
   validateEmail(email?: string): boolean {
     return isString(email) && isEmail(email);
   },
-  validatePassword(password?: string): boolean {
+  async validatePassword(password?: string): Promise<boolean> {
     return isString(password) && password !== '';
   },
   validateUsername(username?: string): boolean {
@@ -365,12 +365,6 @@ export default class AccountsPassword<CustomUser extends User = User>
     if (!token || !isString(token)) {
       throw new AccountsJsError(this.options.errors.invalidToken, ResetPasswordErrors.InvalidToken);
     }
-    if (!this.options.validatePassword(newPassword)) {
-      throw new AccountsJsError(
-        this.options.errors.invalidNewPassword,
-        ResetPasswordErrors.InvalidNewPassword
-      );
-    }
 
     const user = await this.db.findUserByResetPasswordToken(token);
     if (!user) {
@@ -380,6 +374,13 @@ export default class AccountsPassword<CustomUser extends User = User>
       );
     }
 
+    if (!(await this.options.validatePassword(newPassword, user))) {
+      throw new AccountsJsError(
+        this.options.errors.invalidNewPassword,
+        ResetPasswordErrors.InvalidNewPassword
+      );
+    }
+
     const resetTokens = getUserResetTokens(user);
     const resetTokenRecord = resetTokens.find((t) => t.token === token);
 
@@ -471,15 +472,15 @@ export default class AccountsPassword<CustomUser extends User = User>
     oldPassword: string,
     newPassword: string
   ): Promise<void> {
-    if (!this.options.validatePassword(newPassword)) {
+    const user = await this.passwordAuthenticator({ id: userId }, oldPassword);
+
+    if (!(await this.options.validatePassword(newPassword, user))) {
       throw new AccountsJsError(
         this.options.errors.invalidPassword,
         ChangePasswordErrors.InvalidPassword
       );
     }
 
-    const user = await this.passwordAuthenticator({ id: userId }, oldPassword);
-
     const password = await this.options.hashPassword(newPassword);
     await this.db.setPassword(userId, password);
 
@@ -676,7 +677,7 @@ export default class AccountsPassword<CustomUser extends User = User>
     }
 
     if (user.password) {
-      if (!this.options.validatePassword(user.password)) {
+      if (!(await this.options.validatePassword(user.password))) {
         throw new AccountsJsError(
           this.options.errors.invalidPassword,
           CreateUserErrors.InvalidPassword
