packages/trpc/server/profile-router/router.ts

import { TRPCError } from '@trpc/server';

import { IS_BILLING_ENABLED } from '@documenso/lib/constants/app';
import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
import { getSubscriptionsByUserId } from '@documenso/lib/server-only/subscription/get-subscriptions-by-user-id';
import { deleteUser } from '@documenso/lib/server-only/user/delete-user';
import { findUserSecurityAuditLogs } from '@documenso/lib/server-only/user/find-user-security-audit-logs';
import { forgotPassword } from '@documenso/lib/server-only/user/forgot-password';
import { getUserById } from '@documenso/lib/server-only/user/get-user-by-id';
import { resetPassword } from '@documenso/lib/server-only/user/reset-password';
import { sendConfirmationToken } from '@documenso/lib/server-only/user/send-confirmation-token';
import { updatePassword } from '@documenso/lib/server-only/user/update-password';
import { updateProfile } from '@documenso/lib/server-only/user/update-profile';
import { updatePublicProfile } from '@documenso/lib/server-only/user/update-public-profile';
import { extractNextApiRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
import { SubscriptionStatus } from '@documenso/prisma/client';

import { adminProcedure, authenticatedProcedure, procedure, router } from '../trpc';
import {
  ZConfirmEmailMutationSchema,
  ZFindUserSecurityAuditLogsSchema,
  ZForgotPasswordFormSchema,
  ZResetPasswordFormSchema,
  ZRetrieveUserByIdQuerySchema,
  ZUpdatePasswordMutationSchema,
  ZUpdateProfileMutationSchema,
  ZUpdatePublicProfileMutationSchema,
} from './schema';

export const profileRouter = router({
  findUserSecurityAuditLogs: authenticatedProcedure
    .input(ZFindUserSecurityAuditLogsSchema)
    .query(async ({ input, ctx }) => {
      try {
        return await findUserSecurityAuditLogs({
          userId: ctx.user.id,
          ...input,
        });
      } catch (err) {
        console.error(err);

        throw new TRPCError({
          code: 'BAD_REQUEST',
          message: 'We were unable to find user security audit logs. Please try again.',
        });
      }
    }),

  getUser: adminProcedure.input(ZRetrieveUserByIdQuerySchema).query(async ({ input }) => {
    try {
      const { id } = input;

      return await getUserById({ id });
    } catch (err) {
      console.error(err);

      throw new TRPCError({
        code: 'BAD_REQUEST',
        message: 'We were unable to retrieve the specified account. Please try again.',
      });
    }
  }),

  updateProfile: authenticatedProcedure
    .input(ZUpdateProfileMutationSchema)
    .mutation(async ({ input, ctx }) => {
      try {
        const { name, signature } = input;

        return await updateProfile({
          userId: ctx.user.id,
          name,
          signature,
          requestMetadata: extractNextApiRequestMetadata(ctx.req),
        });
      } catch (err) {
        console.error(err);

        throw new TRPCError({
          code: 'BAD_REQUEST',
          message:
            'We were unable to update your profile. Please review the information you provided and try again.',
        });
      }
    }),

  updatePublicProfile: authenticatedProcedure
    .input(ZUpdatePublicProfileMutationSchema)
    .mutation(async ({ input, ctx }) => {
      try {
        const { url } = input;

        if (IS_BILLING_ENABLED() && url.length < 6) {
          const subscriptions = await getSubscriptionsByUserId({
            userId: ctx.user.id,
          }).then((subscriptions) =>
            subscriptions.filter((s) => s.status === SubscriptionStatus.ACTIVE),
          );

          if (subscriptions.length === 0) {
            throw new AppError(
              AppErrorCode.PREMIUM_PROFILE_URL,
              'Only subscribers can have a username shorter than 6 characters',
            );
          }
        }

        const user = await updatePublicProfile({
          userId: ctx.user.id,
          url,
        });

        return { success: true, url: user.url };
      } catch (err) {
        console.error(err);

        const error = AppError.parseError(err);

        if (error.code !== AppErrorCode.UNKNOWN_ERROR) {
          throw AppError.parseErrorToTRPCError(error);
        }

        throw new TRPCError({
          code: 'BAD_REQUEST',
          message:
            'We were unable to update your public profile. Please review the information you provided and try again.',
        });
      }
    }),

  updatePassword: authenticatedProcedure
    .input(ZUpdatePasswordMutationSchema)
    .mutation(async ({ input, ctx }) => {
      try {
        const { password, currentPassword } = input;

        return await updatePassword({
          userId: ctx.user.id,
          password,
          currentPassword,
          requestMetadata: extractNextApiRequestMetadata(ctx.req),
        });
      } catch (err) {
        console.error(err);

        let message =
          'We were unable to update your profile. Please review the information you provided and try again.';

        if (err instanceof Error) {
          message = err.message;
        }

        throw new TRPCError({
          code: 'BAD_REQUEST',
          message,
        });
      }
    }),

  forgotPassword: procedure.input(ZForgotPasswordFormSchema).mutation(async ({ input }) => {
    try {
      const { email } = input;

      return await forgotPassword({
        email,
      });
    } catch (err) {
      console.error(err);
    }
  }),

  resetPassword: procedure.input(ZResetPasswordFormSchema).mutation(async ({ input, ctx }) => {
    try {
      const { password, token } = input;

      return await resetPassword({
        token,
        password,
        requestMetadata: extractNextApiRequestMetadata(ctx.req),
      });
    } catch (err) {
      console.error(err);

      let message = 'We were unable to reset your password. Please try again.';

      if (err instanceof Error) {
        message = err.message;
      }

      throw new TRPCError({
        code: 'BAD_REQUEST',
        message,
      });
    }
  }),

  sendConfirmationEmail: procedure
    .input(ZConfirmEmailMutationSchema)
    .mutation(async ({ input }) => {
      try {
        const { email } = input;

        return await sendConfirmationToken({ email });
      } catch (err) {
        console.error(err);

        let message = 'We were unable to send a confirmation email. Please try again.';

        if (err instanceof Error) {
          message = err.message;
        }

        throw new TRPCError({
          code: 'BAD_REQUEST',
          message,
        });
      }
    }),

  deleteAccount: authenticatedProcedure.mutation(async ({ ctx }) => {
    try {
      return await deleteUser({
        id: ctx.user.id,
      });
    } catch (err) {
      console.error(err);

      let message = 'We were unable to delete your account. Please try again.';

      if (err instanceof Error) {
        message = err.message;
      }

      throw new TRPCError({
        code: 'BAD_REQUEST',
        message,
      });
    }
  }),
});
wip: refresh design 2023-06-09 18:21:18 +10:00			`import { TRPCError } from '@trpc/server';`

feat: the rest of the owl 2024-02-29 13:22:21 +11:00			`import { IS_BILLING_ENABLED } from '@documenso/lib/constants/app';`
fix: refactor and implement design 2024-02-28 14:43:09 +11:00			`import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';`
feat: the rest of the owl 2024-02-29 13:22:21 +11:00			`import { getSubscriptionsByUserId } from '@documenso/lib/server-only/subscription/get-subscriptions-by-user-id';`
chore: tidy code and extract alert-dialog 2024-02-25 11:12:18 +00:00			`import { deleteUser } from '@documenso/lib/server-only/user/delete-user';`
feat: add user security audit logs 2024-01-30 17:31:27 +11:00			`import { findUserSecurityAuditLogs } from '@documenso/lib/server-only/user/find-user-security-audit-logs';`
feat: create a password reset token 2023-09-18 11:15:29 +00:00			`import { forgotPassword } from '@documenso/lib/server-only/user/forgot-password';`
feat: build individual user page 2023-09-21 15:10:20 +01:00			`import { getUserById } from '@documenso/lib/server-only/user/get-user-by-id';`
feat: add reset functionality 2023-09-18 14:03:33 +00:00			`import { resetPassword } from '@documenso/lib/server-only/user/reset-password';`
feat: email verification for registration (#599) 2023-11-21 06:42:29 +02:00			`import { sendConfirmationToken } from '@documenso/lib/server-only/user/send-confirmation-token';`
wip: refresh design 2023-06-09 18:21:18 +10:00			`import { updatePassword } from '@documenso/lib/server-only/user/update-password';`
			`import { updateProfile } from '@documenso/lib/server-only/user/update-profile';`
feat: update signin signup ui Signed-off-by: Adithya Krishna <adithya@documenso.com> 2024-02-22 01:57:46 +05:30			`import { updatePublicProfile } from '@documenso/lib/server-only/user/update-public-profile';`
feat: add auth fail logs 2024-01-31 12:27:40 +11:00			`import { extractNextApiRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';`
feat: the rest of the owl 2024-02-29 13:22:21 +11:00			`import { SubscriptionStatus } from '@documenso/prisma/client';`
wip: refresh design 2023-06-09 18:21:18 +10:00
chore: implement pr feedback 2023-10-11 12:32:33 +03:00			`import { adminProcedure, authenticatedProcedure, procedure, router } from '../trpc';`
feat: create a password reset token 2023-09-18 11:15:29 +00:00			`import {`
feat: email verification for registration (#599) 2023-11-21 06:42:29 +02:00			`ZConfirmEmailMutationSchema,`
feat: add user security audit logs 2024-01-30 17:31:27 +11:00			`ZFindUserSecurityAuditLogsSchema,`
feat: create a password reset token 2023-09-18 11:15:29 +00:00			`ZForgotPasswordFormSchema,`
feat: add reset functionality 2023-09-18 14:03:33 +00:00			`ZResetPasswordFormSchema,`
feat: build individual user page 2023-09-21 15:10:20 +01:00			`ZRetrieveUserByIdQuerySchema,`
feat: create a password reset token 2023-09-18 11:15:29 +00:00			`ZUpdatePasswordMutationSchema,`
			`ZUpdateProfileMutationSchema,`
feat: update signin signup ui Signed-off-by: Adithya Krishna <adithya@documenso.com> 2024-02-22 01:57:46 +05:30			`ZUpdatePublicProfileMutationSchema,`
feat: create a password reset token 2023-09-18 11:15:29 +00:00			`} from './schema';`
wip: refresh design 2023-06-09 18:21:18 +10:00
			`export const profileRouter = router({`
feat: add user security audit logs 2024-01-30 17:31:27 +11:00			`findUserSecurityAuditLogs: authenticatedProcedure`
			`.input(ZFindUserSecurityAuditLogsSchema)`
			`.query(async ({ input, ctx }) => {`
			`try {`
			`return await findUserSecurityAuditLogs({`
			`userId: ctx.user.id,`
			`...input,`
			`});`
			`} catch (err) {`
fix: improve error log coverage 2024-03-30 14:00:34 +08:00			`console.error(err);`

feat: add user security audit logs 2024-01-30 17:31:27 +11:00			`throw new TRPCError({`
			`code: 'BAD_REQUEST',`
			`message: 'We were unable to find user security audit logs. Please try again.',`
			`});`
			`}`
			`}),`

chore: implement pr feedback 2023-10-11 12:32:33 +03:00			`getUser: adminProcedure.input(ZRetrieveUserByIdQuerySchema).query(async ({ input }) => {`
			`try {`
			`const { id } = input;`
feat: build individual user page 2023-09-21 15:10:20 +01:00
chore: implement pr feedback 2023-10-11 12:32:33 +03:00			`return await getUserById({ id });`
			`} catch (err) {`
fix: improve error log coverage 2024-03-30 14:00:34 +08:00			`console.error(err);`

chore: implement pr feedback 2023-10-11 12:32:33 +03:00			`throw new TRPCError({`
			`code: 'BAD_REQUEST',`
			`message: 'We were unable to retrieve the specified account. Please try again.',`
			`});`
			`}`
			`}),`
feat: build individual user page 2023-09-21 15:10:20 +01:00
wip: refresh design 2023-06-09 18:21:18 +10:00			`updateProfile: authenticatedProcedure`
			`.input(ZUpdateProfileMutationSchema)`
			`.mutation(async ({ input, ctx }) => {`
			`try {`
			`const { name, signature } = input;`

			`return await updateProfile({`
			`userId: ctx.user.id,`
			`name,`
			`signature,`
feat: add auth fail logs 2024-01-31 12:27:40 +11:00			`requestMetadata: extractNextApiRequestMetadata(ctx.req),`
wip: refresh design 2023-06-09 18:21:18 +10:00			`});`
			`} catch (err) {`
			`console.error(err);`

			`throw new TRPCError({`
			`code: 'BAD_REQUEST',`
			`message:`
			`'We were unable to update your profile. Please review the information you provided and try again.',`
			`});`
			`}`
			`}),`

feat: update signin signup ui Signed-off-by: Adithya Krishna <adithya@documenso.com> 2024-02-22 01:57:46 +05:30			`updatePublicProfile: authenticatedProcedure`
			`.input(ZUpdatePublicProfileMutationSchema)`
			`.mutation(async ({ input, ctx }) => {`
			`try {`
fix: refactor and implement design 2024-02-28 14:43:09 +11:00			`const { url } = input;`
feat: update signin signup ui Signed-off-by: Adithya Krishna <adithya@documenso.com> 2024-02-22 01:57:46 +05:30
fix: profile claim name length (#1144) fixes the caim name length on the profile claim popup 2024-05-07 09:42:16 +02:00			`if (IS_BILLING_ENABLED() && url.length < 6) {`
feat: the rest of the owl 2024-02-29 13:22:21 +11:00			`const subscriptions = await getSubscriptionsByUserId({`
			`userId: ctx.user.id,`
			`}).then((subscriptions) =>`
			`subscriptions.filter((s) => s.status === SubscriptionStatus.ACTIVE),`
			`);`

			`if (subscriptions.length === 0) {`
			`throw new AppError(`
			`AppErrorCode.PREMIUM_PROFILE_URL,`
			`'Only subscribers can have a username shorter than 6 characters',`
			`);`
			`}`
			`}`

fix: refactor and implement design 2024-02-28 14:43:09 +11:00			`const user = await updatePublicProfile({`
			`userId: ctx.user.id,`
			`url,`
feat: update signin signup ui Signed-off-by: Adithya Krishna <adithya@documenso.com> 2024-02-22 01:57:46 +05:30			`});`
fix: refactor and implement design 2024-02-28 14:43:09 +11:00
			`return { success: true, url: user.url };`
feat: update signin signup ui Signed-off-by: Adithya Krishna <adithya@documenso.com> 2024-02-22 01:57:46 +05:30			`} catch (err) {`
fix: improve error log coverage 2024-03-30 14:00:34 +08:00			`console.error(err);`

fix: refactor and implement design 2024-02-28 14:43:09 +11:00			`const error = AppError.parseError(err);`

			`if (error.code !== AppErrorCode.UNKNOWN_ERROR) {`
			`throw AppError.parseErrorToTRPCError(error);`
			`}`
feat: update signin signup ui Signed-off-by: Adithya Krishna <adithya@documenso.com> 2024-02-22 01:57:46 +05:30
			`throw new TRPCError({`
			`code: 'BAD_REQUEST',`
			`message:`
			`'We were unable to update your public profile. Please review the information you provided and try again.',`
			`});`
			`}`
			`}),`

wip: refresh design 2023-06-09 18:21:18 +10:00			`updatePassword: authenticatedProcedure`
			`.input(ZUpdatePasswordMutationSchema)`
			`.mutation(async ({ input, ctx }) => {`
			`try {`
feat: require old password for password reset (#488) * feat: require old password for password reset 2023-10-04 09:53:57 +05:30			`const { password, currentPassword } = input;`
wip: refresh design 2023-06-09 18:21:18 +10:00
			`return await updatePassword({`
			`userId: ctx.user.id,`
			`password,`
feat: require old password for password reset (#488) * feat: require old password for password reset 2023-10-04 09:53:57 +05:30			`currentPassword,`
feat: add auth fail logs 2024-01-31 12:27:40 +11:00			`requestMetadata: extractNextApiRequestMetadata(ctx.req),`
wip: refresh design 2023-06-09 18:21:18 +10:00			`});`
			`} catch (err) {`
fix: improve error log coverage 2024-03-30 14:00:34 +08:00			`console.error(err);`

fix: minor tidying 2023-08-30 14:01:30 +10:00			`let message =`
			`'We were unable to update your profile. Please review the information you provided and try again.';`

			`if (err instanceof Error) {`
			`message = err.message;`
			`}`
wip: refresh design 2023-06-09 18:21:18 +10:00
			`throw new TRPCError({`
			`code: 'BAD_REQUEST',`
fix: minor tidying 2023-08-30 14:01:30 +10:00			`message,`
wip: refresh design 2023-06-09 18:21:18 +10:00			`});`
			`}`
			`}),`
feat: create a password reset token 2023-09-18 11:15:29 +00:00
			`forgotPassword: procedure.input(ZForgotPasswordFormSchema).mutation(async ({ input }) => {`
			`try {`
			`const { email } = input;`

			`return await forgotPassword({`
			`email,`
			`});`
			`} catch (err) {`
fix: add layout and minor updates 2023-09-19 13:34:54 +00:00			`console.error(err);`
feat: create a password reset token 2023-09-18 11:15:29 +00:00			`}`
			`}),`
feat: add reset functionality 2023-09-18 14:03:33 +00:00
feat: add user security audit logs 2024-01-30 17:31:27 +11:00			`resetPassword: procedure.input(ZResetPasswordFormSchema).mutation(async ({ input, ctx }) => {`
feat: add reset functionality 2023-09-18 14:03:33 +00:00			`try {`
			`const { password, token } = input;`

			`return await resetPassword({`
			`token,`
			`password,`
feat: add auth fail logs 2024-01-31 12:27:40 +11:00			`requestMetadata: extractNextApiRequestMetadata(ctx.req),`
feat: add reset functionality 2023-09-18 14:03:33 +00:00			`});`
			`} catch (err) {`
fix: improve error log coverage 2024-03-30 14:00:34 +08:00			`console.error(err);`

feat: better error handling and better toast messages 2023-09-18 15:09:41 +00:00			`let message = 'We were unable to reset your password. Please try again.';`
feat: add reset functionality 2023-09-18 14:03:33 +00:00
			`if (err instanceof Error) {`
			`message = err.message;`
			`}`

			`throw new TRPCError({`
			`code: 'BAD_REQUEST',`
			`message,`
			`});`
			`}`
			`}),`
feat: email verification for registration (#599) 2023-11-21 06:42:29 +02:00
			`sendConfirmationEmail: procedure`
			`.input(ZConfirmEmailMutationSchema)`
			`.mutation(async ({ input }) => {`
			`try {`
			`const { email } = input;`

chore: refactor 2024-01-30 12:54:48 +02:00			`return await sendConfirmationToken({ email });`
feat: email verification for registration (#599) 2023-11-21 06:42:29 +02:00			`} catch (err) {`
fix: improve error log coverage 2024-03-30 14:00:34 +08:00			`console.error(err);`

feat: email verification for registration (#599) 2023-11-21 06:42:29 +02:00			`let message = 'We were unable to send a confirmation email. Please try again.';`

			`if (err instanceof Error) {`
			`message = err.message;`
			`}`

			`throw new TRPCError({`
			`code: 'BAD_REQUEST',`
			`message,`
			`});`
			`}`
			`}),`
feat: delete user from db and unsubscribe from stripe 2024-01-20 23:30:56 +00:00
			`deleteAccount: authenticatedProcedure.mutation(async ({ ctx }) => {`
			`try {`
feat: improve admin panel 2024-03-03 01:55:33 +11:00			`return await deleteUser({`
			`id: ctx.user.id,`
			`});`
feat: delete user from db and unsubscribe from stripe 2024-01-20 23:30:56 +00:00			`} catch (err) {`
fix: improve error log coverage 2024-03-30 14:00:34 +08:00			`console.error(err);`

feat: delete user from db and unsubscribe from stripe 2024-01-20 23:30:56 +00:00			`let message = 'We were unable to delete your account. Please try again.';`

			`if (err instanceof Error) {`
			`message = err.message;`
			`}`

			`throw new TRPCError({`
			`code: 'BAD_REQUEST',`
			`message,`
			`});`
			`}`
			`}),`
wip: refresh design 2023-06-09 18:21:18 +10:00			`});`