"use server";

import { getUser } from "@/auth/auth";
import { getUserInfo, setPassword, validateUser } from "@/ldap";
import { ActionResponse } from ".";
import { PasswordUpdateSchema, passwordUpdateSchema } from "@/schemas";

export default async function changePassword(
  data: PasswordUpdateSchema
): Promise<ActionResponse> {
  const user = await getUser();
  if (user == null) return { ok: false, error: "noUser" };

  const userInfo = await getUserInfo(user);
  if (userInfo == null) {
    return { ok: false, error: "notRegisteredYet" };
  }

  const { password, newPassword } = passwordUpdateSchema.parse(data);

  const passwordMatches = await validateUser(user.username!, password);
  if (!passwordMatches) {
    return { ok: false, error: "incorrectPassword" };
  }

  await setPassword(user.username!, newPassword);

  return { ok: true };
}