// routes/auth
// Password change endpoint. requireSignin is listed ahead of the controller,
// so auth.updatePassword is only reached once that middleware passes the
// request on; the controller reads req.user._id, presumably set there.
router.put(
  "/update-password",
  requireSignin,
  auth.updatePassword,
);
// controllers/auth
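/**
 * Change the signed-in user's password.
 *
 * Reads `password` from the request body, validates it, hashes it with
 * hashPassword and stores the hash on the user identified by req.user._id.
 *
 * Responses:
 *  - { error: "Password is required" } when password is missing, empty or
 *    not a string
 *  - { error: "Min 6 characters long password is required" } when it is
 *    shorter than 6 characters
 *  - { ok: true } on success
 *  - 403 { error: "Unauthorized" } when the user cannot be loaded or any
 *    step throws
 *
 * NOTE(review): the current password is never asked for, so any request that
 * passes the sign-in check can replace the password. Consider requiring the
 * current password (re-authentication) before accepting the change.
 *
 * @param {object} req - request; uses req.body.password and req.user._id
 * @param {object} res - response used to send the JSON result
 */
export const updatePassword = async (req, res) => {
  try {
    const { password } = req.body ?? {};

    // The body is client-controlled and may carry an array or object here.
    // Such a value has no string length to check and must not reach
    // hashPassword, so anything that is not a non-empty string is rejected.
    if (typeof password !== "string" || password.length === 0) {
      return res.json({ error: "Password is required" });
    }

    // check if password meets the requirement
    if (password.length < 6) {
      return res.json({
        error: "Min 6 characters long password is required",
      });
    }

    const user = await User.findById(req.user._id);
    if (!user) {
      // Same response the catch block gives; stated explicitly instead of
      // relying on a TypeError from reading _id of a missing user.
      return res.status(403).json({ error: "Unauthorized" });
    }

    const hashedPassword = await hashPassword(password);
    await User.findByIdAndUpdate(user._id, {
      password: hashedPassword,
    });

    return res.json({ ok: true });
  } catch (err) {
    console.log(err);
    // NOTE(review): every failure, including a database or hashing error,
    // is reported as 403; kept so existing clients see the same response.
    return res.status(403).json({ error: "Unauthorized" });
  }
};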
To test this, make a PUT request to /update-password as a signed-in user, with password in req.body.