Index: app/(auth)/actions.ts =================================================================== --- app/(auth)/actions.ts (revision 794232de69bac53c722412dbf50cc99a08792313) +++ app/(auth)/actions.ts (revision 794232de69bac53c722412dbf50cc99a08792313) @@ -0,0 +1,96 @@ +'use server' + +import { z } from 'zod'; +import postgres from 'postgres'; +import { signIn } from '@/auth'; +import bcrypt from "bcryptjs"; +import { AuthError } from 'next-auth'; + +const sql = postgres(process.env.POSTGRES_URL!, { ssl: 'require' }); + +export async function authenticate( + prevState: string | undefined, + formData: FormData, +) { + try { + const redirectTo = + (formData.get('redirectTo') as string)?.startsWith('/') + ? (formData.get('redirectTo') as string) + : '/dashboard'; + + await signIn('credentials', { + ...Object.fromEntries(formData), + redirectTo, + }); + } catch (error) { + if (error instanceof AuthError) { + switch (error.type) { + case 'CredentialsSignin': + return 'Invalid email or password.'; + default: + return 'Something went wrong. Please try again.'; + } + } + throw error; + } +} + +export async function register( + prevState: string | undefined, + formData: FormData, +) { + const schema = z.object({ + user_name: z.string().min(1), + email: z.string().email(), + password: z.string().min(6), + redirectTo: z.string().optional(), + }); + + const parsed = schema.safeParse({ + user_name: formData.get('user_name'), + email: formData.get('email'), + password: formData.get('password'), + redirectTo: formData.get('redirectTo'), + }); + + if (!parsed.success) { + return 'Invalid form data.'; + } + + const { user_name, email, password, redirectTo } = parsed.data; + + // sanitize redirect + const safeRedirect = + redirectTo?.startsWith('/') ? redirectTo : '/dashboard'; + + const existing = + await sql`SELECT user_id FROM "user" WHERE email=${email}`; + + if (existing.length > 0) { + return 'User already exists.'; + } + + const hashed = await bcrypt.hash(password, 10); + + try { + await sql` + INSERT INTO "user" (user_name, email, password) + VALUES (${user_name}, ${email}, ${hashed}) + `; + } catch { + return 'Failed to create user.'; + } + + try { + await signIn('credentials', { + email, + password, + redirectTo: safeRedirect, + }); + } catch (error) { + if (error instanceof AuthError) { + return 'Account created, but auto-login failed. Please log in.'; + } + throw error; + } +} Index: p/lib/actions.ts =================================================================== --- app/lib/actions.ts (revision 2893f8d750f6a7f00ad4b7558f197889a69077e4) +++ (revision ) @@ -1,96 +1,0 @@ -'use server' - -import { z } from 'zod'; -import postgres from 'postgres'; -import { signIn } from '@/auth'; -import bcrypt from "bcryptjs"; -import { AuthError } from 'next-auth'; - -const sql = postgres(process.env.POSTGRES_URL!, { ssl: 'require' }); - -export async function authenticate( - prevState: string | undefined, - formData: FormData, -) { - try { - const redirectTo = - (formData.get('redirectTo') as string)?.startsWith('/') - ? (formData.get('redirectTo') as string) - : '/home'; - - await signIn('credentials', { - ...Object.fromEntries(formData), - redirectTo, - }); - } catch (error) { - if (error instanceof AuthError) { - switch (error.type) { - case 'CredentialsSignin': - return 'Invalid email or password.'; - default: - return 'Something went wrong. Please try again.'; - } - } - throw error; - } -} - -export async function register( - prevState: string | undefined, - formData: FormData, -) { - const schema = z.object({ - user_name: z.string().min(1), - email: z.string().email(), - password: z.string().min(6), - redirectTo: z.string().optional(), - }); - - const parsed = schema.safeParse({ - user_name: formData.get('user_name'), - email: formData.get('email'), - password: formData.get('password'), - redirectTo: formData.get('redirectTo'), - }); - - if (!parsed.success) { - return 'Invalid form data.'; - } - - const { user_name, email, password, redirectTo } = parsed.data; - - // sanitize redirect - const safeRedirect = - redirectTo?.startsWith('/') ? redirectTo : '/home'; - - const existing = - await sql`SELECT user_id FROM "user" WHERE email=${email}`; - - if (existing.length > 0) { - return 'User already exists.'; - } - - const hashed = await bcrypt.hash(password, 10); - - try { - await sql` - INSERT INTO "user" (user_name, email, password) - VALUES (${user_name}, ${email}, ${hashed}) - `; - } catch { - return 'Failed to create user.'; - } - - try { - await signIn('credentials', { - email, - password, - redirectTo: safeRedirect, - }); - } catch (error) { - if (error instanceof AuthError) { - return 'Account created, but auto-login failed. Please log in.'; - } - throw error; - } -} Index: app/ui/login-form.tsx =================================================================== --- app/ui/login-form.tsx (revision 2893f8d750f6a7f00ad4b7558f197889a69077e4) +++ app/ui/login-form.tsx (revision 794232de69bac53c722412dbf50cc99a08792313) @@ -9,5 +9,5 @@ import { Button } from './button'; import { useActionState } from 'react'; -import { authenticate } from '@/app/lib/actions'; +import { authenticate } from '@/app/(auth)/actions'; import { useSearchParams } from 'next/navigation'; import Link from 'next/link'; Index: app/ui/register-form.tsx =================================================================== --- app/ui/register-form.tsx (revision 2893f8d750f6a7f00ad4b7558f197889a69077e4) +++ app/ui/register-form.tsx (revision 794232de69bac53c722412dbf50cc99a08792313) @@ -10,5 +10,5 @@ import { Button } from './button'; import { useActionState } from 'react'; -import { register } from '@/app/lib/actions'; +import { register } from '@/app/(auth)/actions'; import { useSearchParams } from 'next/navigation'; import Link from 'next/link';