Merge branch 'main' of https://github.com/plxity/documenso into fix/undo-button-in-canvas

.env.example

@@ -5,9 +5,9 @@ NEXTAUTH_SECRET="secret"
 # [[CRYPTO]]
 # Application Key for symmetric encryption and decryption
 # REQUIRED: This should be a random string of at least 32 characters
-NEXT_PRIVATE_ENCRYPTION_KEY=""
+NEXT_PRIVATE_ENCRYPTION_KEY="CAFEBABE"
 # REQUIRED: This should be a random string of at least 32 characters
-NEXT_PRIVATE_ENCRYPTION_SECONDARY_KEY=""
+NEXT_PRIVATE_ENCRYPTION_SECONDARY_KEY="DEADBEEF"
 
 # [[AUTH OPTIONAL]]
 NEXT_PRIVATE_GOOGLE_CLIENT_ID=""
@@ -25,7 +25,7 @@ NEXT_PRIVATE_DIRECT_DATABASE_URL="postgres://documenso:password@127.0.0.1:54320/
 # [[E2E Tests]]
 E2E_TEST_AUTHENTICATE_USERNAME="Test User"
 E2E_TEST_AUTHENTICATE_USER_EMAIL="testuser@mail.com"
-E2E_TEST_AUTHENTICATE_USER_PASSWORD="test_password"
+E2E_TEST_AUTHENTICATE_USER_PASSWORD="test_Password123"
 
 # [[STORAGE]]
 # OPTIONAL: Defines the storage transport to use. Available options: database (default) | s3

apps/marketing/content/blog/commodifying-signing.mdx

@@ -0,0 +1,87 @@
+---
+title: Commodifying Signing
+description: We are creating signing as a public good and are commoditizing it to make it cheaper and better.
+authorName: 'Timur Ercan'
+authorImage: '/blog/blog-author-timur.jpeg'
+authorRole: 'Co-Founder'
+date: 2024-01-25
+Tags:
+  - Vision
+  - Mission
+  - Open Source
+---
+
+<figure>
+  <MdxNextImage
+    src="/blog/lighthouse.jpeg"
+    width="650"
+    height="650"
+    alt="A lighthouse on a tiny island."
+  />
+
+  <figcaption className="text-center">
+    Lighthouses are often used as an example of a public good; As they benefit all maritime users, but no one can be excluded from using them as a navigational aid. Use by one person neither prevents access by other people, nor does it reduce availability to others.
+  </figcaption>
+</figure>
+
+# Commodifying Signing
+
+> TLDR; We are creating signing as a public good and are commoditizing it to make it cheaper and better.
+
+While we are in full-on building mode with Documenso, I think a lot about the big picture of what we are attempting to do. One phrase that keeps popping up is, "We are commodifying signing." Let's dig deeper into what that means.
+
+Let's start with why we are doing this. Documenso's mission is to solve the domain of signing once and for all for everyone. In so many calls, I hear stories about how organizations build their own solution because the existing ones are too expensive or need to be more flexible. That means not hundreds but probably thousands of companies worldwide have done the same. This is simply wasting humanity's time. Since digital signing systems are understood well enough that seemingly "everyone" can build them, given enough pain, It's time to do it once correctly.
+
+## Is signing already a commodity?
+
+> In economics, a **commodity** is an economic good, usually a resource, that has explicitly full or substantial fungibility: that is, the market treats instances of the good as equivalent or nearly so with no regard to who produced them.
+
+That sounds like the signing market today. There is no shortage of signing providers, and you can get similar signing services from many places. So why is this different from what we want, and why does this not satisfy the market?
+
+- Signing is expensive and painful when you are locked into your vendor, and they charge by signing volume.
+- Signing is also expensive and painful when you have to build it yourself since no vendor fits your requirements or you are not allowed to
+
+To understand why, we need to look at the landscape as it is today:
+
+- **Commodity**: Signing SaaS
+- **Private Goods**: Signing Code Base, Regulatory Know-How
+- **Public Goods**: Web Tech, Digital Signature Algorithms and Standards
+
+What the current players have done is to commodify the listed public goods into commercial products:
+
+> […]the action and process of transforming goods, services, ideas, nature, personal information, people, or animals into commodities.
+> (Let's ignore the end of that list for now and what it says about humanity, yikes)
+
+While this paradigm brought digital signing to many businesses worldwide, we aim for a different future. To solve signing once and for all, we need to achieve two core points:
+
+- Making it cheaper so it's profitable for everyone to use
+- Making it more accessible so everyone can use it (e.g. regulated industries) and flexible enough (extendable, open).
+
+To achieve this, we must transform the landscape to look like this:
+
+- **Commodities**: Enterprise Components, Support, Hosting, Self-Host Licenses
+- **Public Goods**: (no longer private): OS (Open Source) Signing Code Base, OS Regulatory Know-How
+- **Public Goods**: OS Web Tech, Digital Signature Algorithms and Standards
+
+## Raising the Bar
+
+Before creating a commodity, we are raising the bar of what the underlying public good is. Having an open source singing framework you can extend, self-host, and understand makes the resulting solution much more accessible and extendable for everyone. Now for the final feat of making signing cheaper:
+
+As we have seen, signing has already been commodified. But since it was done by a closed source and, frankly, a very opaque industry, no downward price spiral has ensued. By building Documenso open source with an open culture, we can pierce the veil and trigger what the space has been missing for a long time: Commoditization. If you had to read that again, so did I:
+
+> In business literature, **commoditization** is defined as the process by which goods that have economic value and are distinguishable in terms of attributes (uniqueness or brand) become simple commodities in the eyes of the market or consumers.
+
+By only selling what creates value for the customer (hosting a highly available service, keeping it compliant, supporting with technical issues and challenges, preparing industry-specific components), we are commoditizing signing since everyone can do it now: The resources enabling it are public goods, aka. open source. A leveled playing field, as described above, is the perfect environment for a community-first, technology-first, and value-first company like Documenso to flourish.
+
+## Changing the Game
+
+In this new world, a company needing signing (literally every company) can decide if the ROI (Return on Investment) of building signing themselves is greater than simply paying for the value-added activities they will need anyway. Pricing our offering not on volume but fixed is a nice additional wedge into the market we intend to use here.
+
+The market dynamic now changes to who can offer the greatest value added to the public goods, driving the price down as this can be done much more efficiently than locking customers into closed source SaaS. Documenso, being a lean company, which we intend to stay with for a long time, will help kickstart this effect. Open Source capital efficiency is real. Our planned enterprise components, hosting support, and partner ecosystem will all leverage this effect.
+
+We will grow our community around the public good, the open-source repo, and create an ecosystem around the commodities built on top of it (components, hosting, compliance, support). We will solve signing once and for all, and the world will be better for it. Onwards.
+
+As always, feel free to connect on [Twitter / X](https://twitter.com/eltimuro) (DM open) or [Discord](https://documen.so/discord) if you have any questions or comments.
+
+Best from Hamburg\
+Timur

apps/marketing/content/blog/manifest.mdx

@@ -7,6 +7,8 @@ authorRole: 'Co-Founder'
 date: 2023-07-13
 tags:
   - Manifesto
+  - Open Source
+  - Vision
 ---
 
 <figure>

apps/marketing/src/app/(marketing)/[content]/page.tsx

@@ -15,7 +15,7 @@ export const generateMetadata = ({ params }: { params: { content: string } }) =>
     notFound();
   }
 
-  return { title: `Documenso - ${document.title}` };
+  return { title: document.title };
 };
 
 const mdxComponents: MDXComponents = {

apps/marketing/src/app/(marketing)/blog/[post]/page.tsx

@@ -18,7 +18,9 @@ export const generateMetadata = ({ params }: { params: { post: string } }) => {
   }
 
   return {
-    title: `Documenso - ${blogPost.title}`,
+    title: {
+      absolute: `${blogPost.title} - Documenso Blog`,
+    },
     description: blogPost.description,
   };
 };

apps/marketing/src/app/(marketing)/blog/page.tsx

@@ -1,5 +1,10 @@
+import type { Metadata } from 'next';
+
 import { allBlogPosts } from 'contentlayer/generated';
 
+export const metadata: Metadata = {
+  title: 'Blog',
+};
 export default function BlogPage() {
   const blogPosts = allBlogPosts.sort((a, b) => {
     const dateA = new Date(a.date);

apps/marketing/src/app/(marketing)/open/page.tsx

@@ -1,3 +1,5 @@
+import type { Metadata } from 'next';
+
 import { z } from 'zod';
 
 import { getUserMonthlyGrowth } from '@documenso/lib/server-only/user/get-user-monthly-growth';
@@ -14,6 +16,10 @@ import { MonthlyTotalUsersChart } from './monthly-total-users-chart';
 import { TeamMembers } from './team-members';
 import { OpenPageTooltip } from './tooltip';
 
+export const metadata: Metadata = {
+  title: 'Open Startup',
+};
+
 export const revalidate = 3600;
 
 export const dynamic = 'force-dynamic';

apps/marketing/src/app/(marketing)/oss-friends/page.tsx

@@ -1,3 +1,4 @@
+import type { Metadata } from 'next';
 import Image from 'next/image';
 
 import { z } from 'zod';
@@ -5,7 +6,12 @@ import { z } from 'zod';
 import backgroundPattern from '@documenso/assets/images/background-pattern.png';
 
 import { OSSFriendsContainer } from './container';
-import { TOSSFriendsSchema, ZOSSFriendsSchema } from './schema';
+import type { TOSSFriendsSchema } from './schema';
+import { ZOSSFriendsSchema } from './schema';
+
+export const metadata: Metadata = {
+  title: 'OSS Friends',
+};
 
 export default async function OSSFriendsPage() {
   const ossFriends: TOSSFriendsSchema = await fetch('https://formbricks.com/api/oss-friends', {

apps/marketing/src/app/(marketing)/page.tsx

@@ -1,4 +1,5 @@
 /* eslint-disable no-unused-vars, @typescript-eslint/no-unused-vars */
+import type { Metadata } from 'next';
 import { Caveat } from 'next/font/google';
 
 import { cn } from '@documenso/ui/lib/utils';
@@ -10,6 +11,11 @@ import { OpenBuildTemplateBento } from '~/components/(marketing)/open-build-temp
 import { ShareConnectPaidWidgetBento } from '~/components/(marketing)/share-connect-paid-widget-bento';
 
 export const revalidate = 600;
+export const metadata: Metadata = {
+  title: {
+    absolute: 'Documenso - The Open Source DocuSign Alternative',
+  },
+};
 
 const fontCaveat = Caveat({
   weight: ['500'],

apps/marketing/src/app/(marketing)/pricing/page.tsx

@@ -1,5 +1,4 @@
-'use client';
-
+import type { Metadata } from 'next';
 import Link from 'next/link';
 
 import {
@@ -12,6 +11,10 @@ import { Button } from '@documenso/ui/primitives/button';
 
 import { PricingTable } from '~/components/(marketing)/pricing-table';
 
+export const metadata: Metadata = {
+  title: 'Pricing',
+};
+
 export type PricingPageProps = {
   searchParams?: {
     planId?: string;

apps/marketing/src/app/(marketing)/singleplayer/page.tsx

@@ -1,5 +1,11 @@
+import type { Metadata } from 'next';
+
 import { SinglePlayerClient } from './client';
 
+export const metadata: Metadata = {
+  title: 'Singleplayer',
+};
+
 export const revalidate = 0;
 
 // !: This entire file is a hack to get around failed prerendering of

apps/marketing/src/app/layout.tsx

@@ -18,7 +18,10 @@ const fontInter = Inter({ subsets: ['latin'], variable: '--font-sans' });
 const fontCaveat = Caveat({ subsets: ['latin'], variable: '--font-signature' });
 
 export const metadata = {
-  title: 'Documenso - The Open Source DocuSign Alternative',
+  title: {
+    template: '%s - Documenso',
+    default: 'Documenso',
+  },
   description:
     'Join Documenso, the open signing infrastructure, and get a 10x better signing experience. Pricing starts at $30/mo. forever! Sign in now and enjoy a faster, smarter, and more beautiful document signing process. Integrates with your favorite tools, customizable, and expandable. Support our mission and become a part of our open-source community.',
   keywords:

apps/web/src/app/(dashboard)/documents/page.tsx

@@ -1,6 +1,8 @@
+import type { Metadata } from 'next';
 import Link from 'next/link';
 
 import { getRequiredServerComponentSession } from '@documenso/lib/next-auth/get-server-component-session';
+import type { PeriodSelectorValue } from '@documenso/lib/server-only/document/find-documents';
 import { findDocuments } from '@documenso/lib/server-only/document/find-documents';
 import { getStats } from '@documenso/lib/server-only/document/get-stats';
 import { isExtendedDocumentStatus } from '@documenso/prisma/guards/is-extended-document-status';
@@ -8,7 +10,6 @@ import { ExtendedDocumentStatus } from '@documenso/prisma/types/extended-documen
 import { Tabs, TabsList, TabsTrigger } from '@documenso/ui/primitives/tabs';
 
 import { PeriodSelector } from '~/components/(dashboard)/period-selector/period-selector';
-import type { PeriodSelectorValue } from '~/components/(dashboard)/period-selector/types';
 import { isPeriodSelectorValue } from '~/components/(dashboard)/period-selector/types';
 import { DocumentStatus } from '~/components/formatter/document-status';
 
@@ -25,18 +26,22 @@ export type DocumentsPageProps = {
   };
 };
 
+export const metadata: Metadata = {
+  title: 'Documents',
+};
 export default async function DocumentsPage({ searchParams = {} }: DocumentsPageProps) {
   const { user } = await getRequiredServerComponentSession();
 
-  const stats = await getStats({
-    user,
-  });
-
   const status = isExtendedDocumentStatus(searchParams.status) ? searchParams.status : 'ALL';
   const period = isPeriodSelectorValue(searchParams.period) ? searchParams.period : '';
   const page = Number(searchParams.page) || 1;
   const perPage = Number(searchParams.perPage) || 20;
 
+  const stats = await getStats({
+    user,
+    period,
+  });
+
   const results = await findDocuments({
     userId: user.id,
     status,

apps/web/src/app/(dashboard)/settings/billing/page.tsx

@@ -1,3 +1,4 @@
+import type { Metadata } from 'next';
 import { redirect } from 'next/navigation';
 
 import { match } from 'ts-pattern';
@@ -17,6 +18,10 @@ import { LocaleDate } from '~/components/formatter/locale-date';
 import { BillingPlans } from './billing-plans';
 import { BillingPortalButton } from './billing-portal-button';
 
+export const metadata: Metadata = {
+  title: 'Billing',
+};
+
 export default async function BillingSettingsPage() {
   let { user } = await getRequiredServerComponentSession();
 

apps/web/src/app/(dashboard)/settings/profile/page.tsx

@@ -1,7 +1,13 @@
+import type { Metadata } from 'next';
+
 import { getRequiredServerComponentSession } from '@documenso/lib/next-auth/get-server-component-session';
 
 import { ProfileForm } from '~/components/forms/profile';
 
+export const metadata: Metadata = {
+  title: 'Profile',
+};
+
 export default async function ProfileSettingsPage() {
   const { user } = await getRequiredServerComponentSession();
 

apps/web/src/app/(dashboard)/settings/security/page.tsx

@@ -1,3 +1,5 @@
+import type { Metadata } from 'next';
+
 import { IDENTITY_PROVIDER_NAME } from '@documenso/lib/constants/auth';
 import { getRequiredServerComponentSession } from '@documenso/lib/next-auth/get-server-component-session';
 
@@ -5,6 +7,10 @@ import { AuthenticatorApp } from '~/components/forms/2fa/authenticator-app';
 import { RecoveryCodes } from '~/components/forms/2fa/recovery-codes';
 import { PasswordForm } from '~/components/forms/password';
 
+export const metadata: Metadata = {
+  title: 'Security',
+};
+
 export default async function SecuritySettingsPage() {
   const { user } = await getRequiredServerComponentSession();
 

apps/web/src/app/(dashboard)/templates/page.tsx

@@ -1,5 +1,7 @@
 import React from 'react';
 
+import type { Metadata } from 'next';
+
 import { getRequiredServerComponentSession } from '@documenso/lib/next-auth/get-server-component-session';
 import { getTemplates } from '@documenso/lib/server-only/template/get-templates';
 
@@ -14,6 +16,10 @@ type TemplatesPageProps = {
   };
 };
 
+export const metadata: Metadata = {
+  title: 'Templates',
+};
+
 export default async function TemplatesPage({ searchParams = {} }: TemplatesPageProps) {
   const { user } = await getRequiredServerComponentSession();
   const page = Number(searchParams.page) || 1;

apps/web/src/app/(signing)/sign/[token]/complete/document-preview-button.tsx

@@ -30,7 +30,7 @@ export const DocumentPreviewButton = ({
         {...props}
       >
         <FileSearch className="mr-2 h-5 w-5" strokeWidth={1.7} />
-        View Document
+        View Original Document
       </Button>
 
       <DocumentDialog documentData={documentData} open={showDialog} onOpenChange={setShowDialog} />

apps/web/src/app/(signing)/sign/[token]/complete/page.tsx

@@ -128,7 +128,7 @@ export default async function CompletedSigningPage({
             />
           ) : (
             <DocumentPreviewButton
-              className="flex-1"
+              className="text-[11px]"
               title="Signatures will appear once the document has been completed"
               documentData={documentData}
             />

apps/web/src/app/(signing)/sign/[token]/sign-dialog.tsx

@@ -45,7 +45,7 @@ export const SignDialog = ({
       </DialogTrigger>
       <DialogContent>
         <div className="text-center">
-          <div className="text-xl font-semibold text-neutral-800">Sign Document</div>
+          <div className="text-foreground text-xl font-semibold">Sign Document</div>
           <div className="text-muted-foreground mx-auto w-4/5 py-2 text-center">
             You are about to finish signing "{truncatedTitle}". Are you sure?
           </div>

apps/web/src/app/(unauthenticated)/check-email/page.tsx

@@ -1,7 +1,12 @@
+import type { Metadata } from 'next';
 import Link from 'next/link';
 
 import { Button } from '@documenso/ui/primitives/button';
 
+export const metadata: Metadata = {
+  title: 'Forgot password',
+};
+
 export default function ForgotPasswordPage() {
   return (
     <div>

apps/web/src/app/(unauthenticated)/forgot-password/page.tsx

@@ -1,7 +1,12 @@
+import type { Metadata } from 'next';
 import Link from 'next/link';
 
 import { ForgotPasswordForm } from '~/components/forms/forgot-password';
 
+export const metadata: Metadata = {
+  title: 'Forgot Password',
+};
+
 export default function ForgotPasswordPage() {
   return (
     <div>

apps/web/src/app/(unauthenticated)/reset-password/page.tsx

@@ -1,7 +1,12 @@
+import type { Metadata } from 'next';
 import Link from 'next/link';
 
 import { Button } from '@documenso/ui/primitives/button';
 
+export const metadata: Metadata = {
+  title: 'Reset Password',
+};
+
 export default function ResetPasswordPage() {
   return (
     <div>

apps/web/src/app/(unauthenticated)/signin/page.tsx

@@ -1,9 +1,14 @@
+import type { Metadata } from 'next';
 import Link from 'next/link';
 
 import { IS_GOOGLE_SSO_ENABLED } from '@documenso/lib/constants/auth';
 
 import { SignInForm } from '~/components/forms/signin';
 
+export const metadata: Metadata = {
+  title: 'Sign In',
+};
+
 export default function SignInPage() {
   return (
     <div>

apps/web/src/app/(unauthenticated)/signup/page.tsx

@@ -1,3 +1,4 @@
+import type { Metadata } from 'next';
 import Link from 'next/link';
 import { redirect } from 'next/navigation';
 
@@ -5,6 +6,10 @@ import { IS_GOOGLE_SSO_ENABLED } from '@documenso/lib/constants/auth';
 
 import { SignUpForm } from '~/components/forms/signup';
 
+export const metadata: Metadata = {
+  title: 'Sign Up',
+};
+
 export default function SignUpPage() {
   if (process.env.NEXT_PUBLIC_DISABLE_SIGNUP === 'true') {
     redirect('/signin');

apps/web/src/app/(unauthenticated)/verify-email/page.tsx

@@ -1,9 +1,14 @@
+import type { Metadata } from 'next';
 import Link from 'next/link';
 
 import { XCircle } from 'lucide-react';
 
 import { Button } from '@documenso/ui/primitives/button';
 
+export const metadata: Metadata = {
+  title: 'Verify Email',
+};
+
 export default function EmailVerificationWithoutTokenPage() {
   return (
     <div className="flex w-full items-start">

apps/web/src/app/layout.tsx

@@ -20,7 +20,10 @@ const fontInter = Inter({ subsets: ['latin'], variable: '--font-sans' });
 const fontCaveat = Caveat({ subsets: ['latin'], variable: '--font-signature' });
 
 export const metadata = {
-  title: 'Documenso - The Open Source DocuSign Alternative',
+  title: {
+    template: '%s - Documenso',
+    default: 'Documenso',
+  },
   description:
     'Join Documenso, the open signing infrastructure, and get a 10x better signing experience. Pricing starts at $30/mo. forever! Sign in now and enjoy a faster, smarter, and more beautiful document signing process. Integrates with your favorite tools, customizable, and expandable. Support our mission and become a part of our open-source community.',
   keywords:

apps/web/src/components/(dashboard)/layout/header.tsx

@@ -33,7 +33,7 @@ export const Header = ({ className, user, ...props }: HeaderProps) => {
   return (
     <header
       className={cn(
-        'supports-backdrop-blur:bg-background/60 bg-background/95 sticky top-0 z-[50] flex h-16 w-full items-center border-b border-b-transparent backdrop-blur duration-200',
+        'supports-backdrop-blur:bg-background/60 bg-background/95 sticky top-0 z-[60] flex h-16 w-full items-center border-b border-b-transparent backdrop-blur duration-200',
         scrollY > 5 && 'border-b-border',
         className,
       )}

apps/web/src/components/(dashboard)/layout/profile-dropdown.tsx

@@ -68,7 +68,7 @@ export const ProfileDropdown = ({ user }: ProfileDropdownProps) => {
         </Button>
       </DropdownMenuTrigger>
 
-      <DropdownMenuContent className="w-56" align="end" forceMount>
+      <DropdownMenuContent className="z-[60] w-56" align="end" forceMount>
         <DropdownMenuLabel>Account</DropdownMenuLabel>
 
         {isUserAdmin && (
@@ -122,7 +122,7 @@ export const ProfileDropdown = ({ user }: ProfileDropdownProps) => {
             Themes
           </DropdownMenuSubTrigger>
           <DropdownMenuPortal>
-            <DropdownMenuSubContent>
+            <DropdownMenuSubContent className="z-[60]">
               <DropdownMenuRadioGroup value={theme} onValueChange={setTheme}>
                 <DropdownMenuRadioItem value="light">
                   <Sun className="mr-2 h-4 w-4" /> Light

apps/web/src/components/(dashboard)/period-selector/types.ts

@@ -1,4 +1,4 @@
-export type PeriodSelectorValue = '' | '7d' | '14d' | '30d';
+import type { PeriodSelectorValue } from '@documenso/lib/server-only/document/find-documents';
 
 export const isPeriodSelectorValue = (value: unknown): value is PeriodSelectorValue => {
   // eslint-disable-next-line @typescript-eslint/consistent-type-assertions

apps/web/src/components/forms/password.tsx

@@ -7,6 +7,7 @@ import { z } from 'zod';
 import type { User } from '@documenso/prisma/client';
 import { TRPCClientError } from '@documenso/trpc/client';
 import { trpc } from '@documenso/trpc/react';
+import { ZCurrentPasswordSchema, ZPasswordSchema } from '@documenso/trpc/server/auth-router/schema';
 import { cn } from '@documenso/ui/lib/utils';
 import { Button } from '@documenso/ui/primitives/button';
 import {
@@ -22,18 +23,9 @@ import { useToast } from '@documenso/ui/primitives/use-toast';
 
 export const ZPasswordFormSchema = z
   .object({
-    currentPassword: z
-      .string()
-      .min(6, { message: 'Password should contain at least 6 characters' })
-      .max(72, { message: 'Password should not contain more than 72 characters' }),
-    password: z
-      .string()
-      .min(6, { message: 'Password should contain at least 6 characters' })
-      .max(72, { message: 'Password should not contain more than 72 characters' }),
-    repeatedPassword: z
-      .string()
-      .min(6, { message: 'Password should contain at least 6 characters' })
-      .max(72, { message: 'Password should not contain more than 72 characters' }),
+    currentPassword: ZCurrentPasswordSchema,
+    password: ZPasswordSchema,
+    repeatedPassword: ZPasswordSchema,
   })
   .refine((data) => data.password === data.repeatedPassword, {
     message: 'Passwords do not match',

apps/web/src/components/forms/reset-password.tsx

@@ -8,6 +8,7 @@ import { z } from 'zod';
 
 import { TRPCClientError } from '@documenso/trpc/client';
 import { trpc } from '@documenso/trpc/react';
+import { ZPasswordSchema } from '@documenso/trpc/server/auth-router/schema';
 import { cn } from '@documenso/ui/lib/utils';
 import { Button } from '@documenso/ui/primitives/button';
 import {
@@ -23,8 +24,8 @@ import { useToast } from '@documenso/ui/primitives/use-toast';
 
 export const ZResetPasswordFormSchema = z
   .object({
-    password: z.string().min(6).max(72),
-    repeatedPassword: z.string().min(6).max(72),
+    password: ZPasswordSchema,
+    repeatedPassword: ZPasswordSchema,
   })
   .refine((data) => data.password === data.repeatedPassword, {
     path: ['repeatedPassword'],

apps/web/src/components/forms/signin.tsx

@@ -9,6 +9,7 @@ import { FcGoogle } from 'react-icons/fc';
 import { z } from 'zod';
 
 import { ErrorCode, isErrorCode } from '@documenso/lib/next-auth/error-codes';
+import { ZCurrentPasswordSchema } from '@documenso/trpc/server/auth-router/schema';
 import { cn } from '@documenso/ui/lib/utils';
 import { Button } from '@documenso/ui/primitives/button';
 import { Dialog, DialogContent, DialogHeader, DialogTitle } from '@documenso/ui/primitives/dialog';
@@ -39,7 +40,7 @@ const LOGIN_REDIRECT_PATH = '/documents';
 
 export const ZSignInFormSchema = z.object({
   email: z.string().email().min(1),
-  password: z.string().min(6).max(72),
+  password: ZCurrentPasswordSchema,
   totpCode: z.string().trim().optional(),
   backupCode: z.string().trim().optional(),
 });

apps/web/src/components/forms/signup.tsx

@@ -9,6 +9,7 @@ import { z } from 'zod';
 import { useAnalytics } from '@documenso/lib/client-only/hooks/use-analytics';
 import { TRPCClientError } from '@documenso/trpc/client';
 import { trpc } from '@documenso/trpc/react';
+import { ZPasswordSchema } from '@documenso/trpc/server/auth-router/schema';
 import { cn } from '@documenso/ui/lib/utils';
 import { Button } from '@documenso/ui/primitives/button';
 import {
@@ -26,15 +27,22 @@ import { useToast } from '@documenso/ui/primitives/use-toast';
 
 const SIGN_UP_REDIRECT_PATH = '/documents';
 
-export const ZSignUpFormSchema = z.object({
-  name: z.string().trim().min(1, { message: 'Please enter a valid name.' }),
-  email: z.string().email().min(1),
-  password: z
-    .string()
-    .min(6, { message: 'Password should contain at least 6 characters' })
-    .max(72, { message: 'Password should not contain more than 72 characters' }),
-  signature: z.string().min(1, { message: 'We need your signature to sign documents' }),
-});
+export const ZSignUpFormSchema = z
+  .object({
+    name: z.string().trim().min(1, { message: 'Please enter a valid name.' }),
+    email: z.string().email().min(1),
+    password: ZPasswordSchema,
+    signature: z.string().min(1, { message: 'We need your signature to sign documents' }),
+  })
+  .refine(
+    (data) => {
+      const { name, email, password } = data;
+      return !password.includes(name) && !password.includes(email.split('@')[0]);
+    },
+    {
+      message: 'Password should not be common or based on personal information',
+    },
+  );
 
 export type TSignUpFormSchema = z.infer<typeof ZSignUpFormSchema>;
 

packages/lib/server-only/document/find-documents.ts

@@ -9,6 +9,8 @@ import { ExtendedDocumentStatus } from '@documenso/prisma/types/extended-documen
 import type { FindResultSet } from '../../types/find-result-set';
 import { maskRecipientTokensForDocument } from '../../utils/mask-recipient-tokens-for-document';
 
+export type PeriodSelectorValue = '' | '7d' | '14d' | '30d';
+
 export type FindDocumentsOptions = {
   userId: number;
   term?: string;
@@ -19,7 +21,7 @@ export type FindDocumentsOptions = {
     column: keyof Omit<Document, 'document'>;
     direction: 'asc' | 'desc';
   };
-  period?: '' | '7d' | '14d' | '30d';
+  period?: PeriodSelectorValue;
 };
 
 export const findDocuments = async ({

packages/lib/server-only/document/get-stats.ts

@@ -1,14 +1,31 @@
+import { DateTime } from 'luxon';
+
 import { prisma } from '@documenso/prisma';
-import type { User } from '@documenso/prisma/client';
+import type { Prisma, User } from '@documenso/prisma/client';
 import { SigningStatus } from '@documenso/prisma/client';
 import { isExtendedDocumentStatus } from '@documenso/prisma/guards/is-extended-document-status';
 import { ExtendedDocumentStatus } from '@documenso/prisma/types/extended-document-status';
 
+import type { PeriodSelectorValue } from './find-documents';
+
 export type GetStatsInput = {
   user: User;
+  period?: PeriodSelectorValue;
 };
 
-export const getStats = async ({ user }: GetStatsInput) => {
+export const getStats = async ({ user, period }: GetStatsInput) => {
+  let createdAt: Prisma.DocumentWhereInput['createdAt'];
+
+  if (period) {
+    const daysAgo = parseInt(period.replace(/d$/, ''), 10);
+
+    const startOfPeriod = DateTime.now().minus({ days: daysAgo }).startOf('day');
+
+    createdAt = {
+      gte: startOfPeriod.toJSDate(),
+    };
+  }
+
   const [ownerCounts, notSignedCounts, hasSignedCounts] = await Promise.all([
     prisma.document.groupBy({
       by: ['status'],
@@ -17,6 +34,7 @@ export const getStats = async ({ user }: GetStatsInput) => {
       },
       where: {
         userId: user.id,
+        createdAt,
         deletedAt: null,
       },
     }),
@@ -33,6 +51,7 @@ export const getStats = async ({ user }: GetStatsInput) => {
             signingStatus: SigningStatus.NOT_SIGNED,
           },
         },
+        createdAt,
         deletedAt: null,
       },
     }),
@@ -42,6 +61,7 @@ export const getStats = async ({ user }: GetStatsInput) => {
         _all: true,
       },
       where: {
+        createdAt,
         User: {
           email: {
             not: user.email,

packages/trpc/server/auth-router/schema.ts

@@ -1,9 +1,25 @@
 import { z } from 'zod';
 
+export const ZCurrentPasswordSchema = z
+  .string()
+  .min(6, { message: 'Must be at least 6 characters in length' })
+  .max(72);
+
+export const ZPasswordSchema = z
+  .string()
+  .regex(new RegExp('.*[A-Z].*'), { message: 'One uppercase character' })
+  .regex(new RegExp('.*[a-z].*'), { message: 'One lowercase character' })
+  .regex(new RegExp('.*\\d.*'), { message: 'One number' })
+  .regex(new RegExp('.*[`~<>?,./!@#$%^&*()\\-_+="\'|{}\\[\\];:\\\\].*'), {
+    message: 'One special character is required',
+  })
+  .min(8, { message: 'Must be at least 8 characters in length' })
+  .max(72, { message: 'Cannot be more than 72 characters in length' });
+
 export const ZSignUpMutationSchema = z.object({
   name: z.string().min(1),
   email: z.string().email(),
-  password: z.string().min(6),
+  password: ZPasswordSchema,
   signature: z.string().min(1, { message: 'A signature is required.' }),
 });
 

packages/trpc/server/profile-router/schema.ts

@@ -1,5 +1,7 @@
 import { z } from 'zod';
 
+import { ZCurrentPasswordSchema, ZPasswordSchema } from '../auth-router/schema';
+
 export const ZRetrieveUserByIdQuerySchema = z.object({
   id: z.number().min(1),
 });
@@ -10,8 +12,8 @@ export const ZUpdateProfileMutationSchema = z.object({
 });
 
 export const ZUpdatePasswordMutationSchema = z.object({
-  currentPassword: z.string().min(6),
-  password: z.string().min(6),
+  currentPassword: ZCurrentPasswordSchema,
+  password: ZPasswordSchema,
 });
 
 export const ZForgotPasswordFormSchema = z.object({
@@ -19,7 +21,7 @@ export const ZForgotPasswordFormSchema = z.object({
 });
 
 export const ZResetPasswordFormSchema = z.object({
-  password: z.string().min(6),
+  password: ZPasswordSchema,
   token: z.string().min(1),
 });
 

packages/ui/primitives/data-table-pagination.tsx

@@ -1,4 +1,4 @@
-import { Table } from '@tanstack/react-table';
+import type { Table } from '@tanstack/react-table';
 import { ChevronLeft, ChevronRight, ChevronsLeft, ChevronsRight } from 'lucide-react';
 import { match } from 'ts-pattern';