User creation and management

server/api/users/password/[id].put.ts

@@ -0,0 +1,79 @@
+import { resetUserPassword, getUserByUsername } from '~/server/utils/database'
+import { getAuthCookie } from '~/server/utils/auth'
+
+export default defineEventHandler(async (event) => {
+  const username = getAuthCookie(event)
+  
+  if (!username) {
+    throw createError({
+      statusCode: 401,
+      message: 'Unauthorized'
+    })
+  }
+
+  const user = getUserByUsername(username)
+  
+  if (!user || user.is_admin !== 1) {
+    throw createError({
+      statusCode: 403,
+      message: 'Forbidden - Admin access required'
+    })
+  }
+
+  const id = parseInt(event.context.params?.id || '')
+  const body = await readBody(event)
+  const { newPassword } = body
+  
+  if (isNaN(id)) {
+    throw createError({
+      statusCode: 400,
+      message: 'Invalid user ID'
+    })
+  }
+
+  if (!newPassword || typeof newPassword !== 'string') {
+    throw createError({
+      statusCode: 400,
+      message: 'New password is required'
+    })
+  }
+
+  // Validate password strength
+  if (newPassword.length < 8) {
+    throw createError({
+      statusCode: 400,
+      message: 'Password must be at least 8 characters long'
+    })
+  }
+
+  if (!/[A-Z]/.test(newPassword)) {
+    throw createError({
+      statusCode: 400,
+      message: 'Password must contain at least one uppercase letter'
+    })
+  }
+
+  if (!/[a-z]/.test(newPassword)) {
+    throw createError({
+      statusCode: 400,
+      message: 'Password must contain at least one lowercase letter'
+    })
+  }
+
+  if (!/[0-9!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]/.test(newPassword)) {
+    throw createError({
+      statusCode: 400,
+      message: 'Password must contain at least one number or symbol'
+    })
+  }
+
+  try {
+    resetUserPassword(id, newPassword)
+    return { success: true }
+  } catch (error) {
+    throw createError({
+      statusCode: 500,
+      message: 'Failed to reset password'
+    })
+  }
+})