shellphone.app/app/auth/mutations/change-password.ts

import { NotFoundError, SecurePassword, resolver } from "blitz";

import db from "../../../db";
import { authenticateUser } from "./login";
import { ChangePassword } from "../validations";

export default resolver.pipe(
	resolver.zod(ChangePassword),
	resolver.authorize(),
	async ({ currentPassword, newPassword }, ctx) => {
		const user = await db.user.findFirst({ where: { id: ctx.session.userId! } });
		if (!user) throw new NotFoundError();

		await authenticateUser(user.email, currentPassword);

		const hashedPassword = await SecurePassword.hash(newPassword.trim());
		await db.user.update({
			where: { id: user.id },
			data: { hashedPassword },
		});

		return true;
	},
);