ChangeCustomerPassword

import "./extended";
import { validatePassword } from "@alokai/connect/integration-kit";
import { HttpStatusCode } from "@alokai/connect/middleware";
import { z } from "zod";

import { assertAuthorized, defineApi } from "@vsf-enterprise/unified-api-sfcc";

const argsSchema = z.object({
  confirmPassword: z.string().min(1),
  currentPassword: z.string().min(1),
  newPassword: z.string().min(1),
});

export const changeCustomerPassword = defineApi.changeCustomerPassword(async (context, args) => {
  argsSchema.parse(args);

  const { api } = await context.getApiClient();
  await assertAuthorized(context);

  const { confirmPassword, currentPassword, newPassword } = args;

  if (!validatePassword(newPassword, confirmPassword)) {
    throw context.createHttpError({
      message: "Password does not meet the requirements",
      statusCode: HttpStatusCode.UNPROCESSABLE_ENTITY,
    });
  }

  const { success } = await api.updateCustomerPassword({
    currentPassword: currentPassword,
    password: newPassword,
  });

  if (!success) {
    throw context.createHttpError({
      message: "Password change failed",
      statusCode: HttpStatusCode.FORBIDDEN,
    });
  }
});