From 961b8024ab397ddc13a251a809af223a862e3591 Mon Sep 17 00:00:00 2001
From: Manuel <manuel.ruwe@bluewin.ch>
Date: Mon, 31 Jul 2023 22:36:43 +0200
Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20Fix=20schema=20validation=20for?=
 =?UTF-8?q?=20user=20creation?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../Admin/CreateNewUser/security-step.tsx     |  2 +-
 src/server/api/routers/user.ts                | 37 ++++++++-----------
 src/validations/user.ts                       |  6 +++
 3 files changed, 22 insertions(+), 23 deletions(-)

diff --git a/src/components/Admin/CreateNewUser/security-step.tsx b/src/components/Admin/CreateNewUser/security-step.tsx
index d096b05a5..31ee8f8dc 100644
--- a/src/components/Admin/CreateNewUser/security-step.tsx
+++ b/src/components/Admin/CreateNewUser/security-step.tsx
@@ -74,5 +74,5 @@ const randomString = () => {
 };
 
 export const createAccountSecurityStepValidationSchema = z.object({
-  password: z.string().min(10).max(50),
+  password: z.string().min(8).max(100),
 });
diff --git a/src/server/api/routers/user.ts b/src/server/api/routers/user.ts
index 5fe949e18..fa59cfafc 100644
--- a/src/server/api/routers/user.ts
+++ b/src/server/api/routers/user.ts
@@ -4,6 +4,7 @@ import { z } from 'zod';
 import { hashPassword } from '~/utils/security';
 import {
   colorSchemeParser,
+  createNewUserSchema,
   signUpFormSchema,
   updateSettingsValidationSchema,
 } from '~/validations/user';
@@ -188,29 +189,21 @@ export const userRouter = createTRPCRouter({
         nextCursor,
       };
     }),
-  createUser: publicProcedure
-    .input(
-      z.object({
-        username: z.string(),
-        email: z.string().email().optional(),
-        password: z.string().min(8).max(100),
-      })
-    )
-    .mutation(async ({ ctx, input }) => {
-      const salt = bcrypt.genSaltSync(10);
-      const hashedPassword = hashPassword(input.password, salt);
-      await ctx.prisma.user.create({
-        data: {
-          name: input.username,
-          email: input.email,
-          password: hashedPassword,
-          salt: salt,
-          settings: {
-            create: {},
-          },
+  createUser: publicProcedure.input(createNewUserSchema).mutation(async ({ ctx, input }) => {
+    const salt = bcrypt.genSaltSync(10);
+    const hashedPassword = hashPassword(input.password, salt);
+    await ctx.prisma.user.create({
+      data: {
+        name: input.username,
+        email: input.email,
+        password: hashedPassword,
+        salt: salt,
+        settings: {
+          create: {},
         },
-      });
-    }),
+      },
+    });
+  }),
 
   deleteUser: publicProcedure
     .input(
diff --git a/src/validations/user.ts b/src/validations/user.ts
index d886fdf79..fd321295c 100644
--- a/src/validations/user.ts
+++ b/src/validations/user.ts
@@ -19,6 +19,12 @@ export const signUpFormSchema = z
     path: ['passwordConfirmation'],
   });
 
+export const createNewUserSchema = z.object({
+  username: z.string(),
+  email: z.string().email().optional(),
+  password: z.string().min(8).max(100),
+});
+
 export const colorSchemeParser = z
   .enum(['light', 'dark', 'environment'])
   .default('environment')