Solvro · Konzum59 · Jan 10, 2026 · Jan 12, 2026 · Jan 12, 2026 · kguzek
@@ -0,0 +1,10 @@
+import { ChangePasswordForm } from "@/features/password-change";
+
+export default function ChangePasswordPage() {
+  return (
+    <div className="container mx-auto flex h-full flex-col items-center justify-center p-4 sm:p-8">
+      <h1 className="mb-4 text-2xl font-semibold">Tutaj zmienisz hasło</h1>
+      <ChangePasswordForm />
+    </div>
+  );
+}
@@ -43,6 +43,10 @@ function UserProfileMenu({ user }: { user: User }) {
             <FooterSource compact />
           </DropdownMenuItem>
         </DropdownMenuGroup>
+        <DropdownMenuSeparator />
+        <DropdownMenuItem asChild>
+          <Link href="/change-password">Zmień hasło</Link>
+        </DropdownMenuItem>
       </DropdownMenuContent>
     </DropdownMenu>
   );

@@ -30,7 +30,13 @@ export async function handleResponse<T>(
     };
     const code = errorReport?.error.code ?? String(response.status);
     const errorMessage = `Request failed with code ${code}: ${message}`;
-    logger.error(
+
+    const isValidationError =
+      code === "E_VALIDATION_ERROR" ||
+      Array.isArray(errorReport?.error.validationIssues);
+    const logFunction = isValidationError ? logger.warn : logger.error;
+
+    logFunction(
       {
         url: request.url,
         method: request.method,

@@ -0,0 +1,22 @@
+import { fetchMutation } from "@/features/backend";
+import type { MessageResponse } from "@/features/backend/types";
+
+/**
+ * Calls POST /api/v1/auth/change_password
+ * Body: { oldPassword, newPassword, newPasswordConfirm }
+ * Requires authentication; fetchMutation should attach tokens automatically
- * Requires authentication; fetchMutation should attach tokens automatically
+ *
+ * Authentication:
+ * - Requires an authenticated user access token.
+ * - The token is attached automatically by `fetchMutation` using the standard
+ *   project auth mechanism (for example, an Authorization header or HTTP-only
+ *   auth cookies).
+ * - If the request is unauthenticated or the token is invalid/expired, the
+ *   backend is expected to return an authentication error (such as HTTP 401/403),
+ *   which `fetchMutation` will surface to the caller.
- * Requires authentication; fetchMutation should attach tokens automatically
+ *
+ * Authentication:
+ * - Requires an authenticated user access token.
+ * - The token is attached automatically by `fetchMutation` using the standard
+ *   project auth mechanism (for example, an Authorization header or HTTP-only
+ *   auth cookies).
+ * - If the request is unauthenticated or the token is invalid/expired, the
+ *   backend is expected to return an authentication error (such as HTTP 401/403),
+ *   which `fetchMutation` will surface to the caller.
+ */
+export async function changePassword(body: {
+  oldPassword: string;
+  newPassword: string;
+  newPasswordConfirm: string;
+}) {
+  const response = await fetchMutation<MessageResponse>(
+    "auth/change_password",
+    {
+      method: "POST",
+      body,
+    },
+  );
+  return response;
+}
-export async function changePassword(body: {
-  oldPassword: string;
-  newPassword: string;
-  newPasswordConfirm: string;
-}) {
-  const response = await fetchMutation<MessageResponse>(
-    "auth/change_password",
-    {
-      method: "POST",
-      body,
-    },
-  );
-  return response;
-}
+export async function changePassword({
+  oldPassword,
+  newPassword,
+  newPasswordConfirm,
+}: {
+  oldPassword: string;
+  newPassword: string;
+  newPasswordConfirm: string;
+}) {
+  const response = await fetchMutation<MessageResponse>(
+    "auth/change_password",
+    {
+      method: "POST",
+      body: {
+        oldPassword,
+        newPassword,
+        newPasswordConfirm,
+      },
+    },
+  );
+  return response;
+}
-export async function changePassword(body: {
-  oldPassword: string;
-  newPassword: string;
-  newPasswordConfirm: string;
-}) {
-  const response = await fetchMutation<MessageResponse>(
-    "auth/change_password",
-    {
-      method: "POST",
-      body,
-    },
-  );
-  return response;
-}
+export async function changePassword({
+  oldPassword,
+  newPassword,
+  newPasswordConfirm,
+}: {
+  oldPassword: string;
+  newPassword: string;
+  newPasswordConfirm: string;
+}) {
+  const response = await fetchMutation<MessageResponse>(
+    "auth/change_password",
+    {
+      method: "POST",
+      body: {
+        oldPassword,
+        newPassword,
+        newPasswordConfirm,
+      },
+    },
+  );
+  return response;
+}
@@ -0,0 +1,120 @@
+"use client";
+
+import { zodResolver } from "@hookform/resolvers/zod";
+import { useMutation } from "@tanstack/react-query";
+import { useForm } from "react-hook-form";
+import { toast } from "sonner";
+
+import { PasswordInput } from "@/components/inputs/password-input";
+import { Button } from "@/components/ui/button";
+import { Form, FormField } from "@/components/ui/form";
+import { FetchError } from "@/features/backend";
+
+import { changePassword } from "../api/change-password";
+import { ChangePasswordSchema } from "../schemas/change-password-schema";
+import type { ChangePasswordFormValues } from "../schemas/change-password-schema";
+
+export function ChangePasswordForm() {
+  const form = useForm<ChangePasswordFormValues>({
+    resolver: zodResolver(ChangePasswordSchema),
+    defaultValues: {
+      oldPassword: "",
+      newPassword: "",
+      newPasswordConfirm: "",
+    },
+  });
+
+  const { mutate, isPending } = useMutation({
+    mutationFn: async (data: ChangePasswordFormValues) =>
+      changePassword({
+        oldPassword: data.oldPassword,
+        newPassword: data.newPassword,
+        newPasswordConfirm: data.newPasswordConfirm,
+      }),
-    mutationFn: async (data: ChangePasswordFormValues) =>
-      changePassword({
-        oldPassword: data.oldPassword,
-        newPassword: data.newPassword,
-        newPasswordConfirm: data.newPasswordConfirm,
-      }),
+    mutationFn: changePassword,
-    mutationFn: async (data: ChangePasswordFormValues) =>
-      changePassword({
-        oldPassword: data.oldPassword,
-        newPassword: data.newPassword,
-        newPasswordConfirm: data.newPasswordConfirm,
-      }),
+    mutationFn: changePassword,
+    onSuccess: () => {
+      toast.success("Hasło zmienione poprawnie");
+      form.reset();
+    },
+    onError: (error) => {
+      if (error instanceof FetchError) {
+        const validationIssues = error.errorReport?.error.validationIssues;
+        if (Array.isArray(validationIssues)) {
+          for (const issue of validationIssues) {
+            const fieldName =
+              (issue as Record<string, unknown>).field ??
+              (issue as Record<string, unknown>).rule;
+            const message = (issue as Record<string, unknown>).message;
+            if (fieldName === "oldPassword" && typeof message === "string") {
+              form.setError("oldPassword", {
+                type: "server",
+                message,
+              });
+              toast.error(message);
+              return;
+            }
+          }
+        }
+        toast.error(error.getCodedMessage("Nie udało się zmienić hasła"));
+      } else if (error instanceof Error) {
+        toast.error(error.message);
+      } else {
+        toast.error("Nie udało się zmienić hasła");
+      }
+    },
+    retry: false,
+  });
+
+  return (
+    <Form {...form}>
+      <form
+        noValidate
+        onSubmit={form.handleSubmit((data) => {
+          mutate(data);
+        })}
+        className="bg-background w-full max-w-md space-y-4 rounded-xl px-6 py-8"
+      >
+        <FormField
+          control={form.control}
+          name="oldPassword"
+          render={({ field }) => (
+            <PasswordInput
+              label="Aktualne hasło"
+              placeholder="Aktualne hasło"
+              {...field}
+            />
+          )}
+        />
+
+        <FormField
+          control={form.control}
+          name="newPassword"
+          render={({ field }) => (
+            <PasswordInput
+              label="Nowe hasło"
+              placeholder="Nowe hasło"
+              {...field}
+            />
+          )}
+        />
+
+        <FormField
+          control={form.control}
+          name="newPasswordConfirm"
+          render={({ field }) => (
+            <PasswordInput
+              label="Potwierdź nowe hasło"
+              placeholder="Potwierdź nowe hasło"
+              {...field}
+            />
+          )}
+        />
+
+        <div className="flex justify-end">
+          <Button type="submit" loading={isPending}>
+            Zmień hasło
+          </Button>
+        </div>
+      </form>
+    </Form>
+  );
+}
@@ -0,0 +1,3 @@
+export * from "./components/change-password-form";
+export * from "./api/change-password";
+export * from "./schemas/change-password-schema";
@@ -0,0 +1,22 @@
+import { z } from "zod";
+
+import { RequiredStringSchema } from "@/schemas";
+
+export const ChangePasswordSchema = z
+  .object({
+    oldPassword: RequiredStringSchema,
+    newPassword: RequiredStringSchema.min(8, {
+      message: "Hasło musi mieć co najmniej 8 znaków",
+    }),
-    }),
+    })
+      .regex(/[A-Z]/, {
+        message: "Hasło musi zawierać przynajmniej jedną wielką literę",
+      })
+      .regex(/[a-z]/, {
+        message: "Hasło musi zawierać przynajmniej jedną małą literę",
+      })
+      .regex(/[0-9]/, {
+        message: "Hasło musi zawierać przynajmniej jedną cyfrę",
+      })
+      .regex(/[^A-Za-z0-9]/, {
+        message: "Hasło musi zawierać przynajmniej jeden znak specjalny",
+      }),
-    }),
+    })
+      .regex(/[A-Z]/, {
+        message: "Hasło musi zawierać przynajmniej jedną wielką literę",
+      })
+      .regex(/[a-z]/, {
+        message: "Hasło musi zawierać przynajmniej jedną małą literę",
+      })
+      .regex(/[0-9]/, {
+        message: "Hasło musi zawierać przynajmniej jedną cyfrę",
+      })
+      .regex(/[^A-Za-z0-9]/, {
+        message: "Hasło musi zawierać przynajmniej jeden znak specjalny",
+      }),
+    newPasswordConfirm: RequiredStringSchema,
+  })
+  .refine((data) => data.newPassword === data.newPasswordConfirm, {
+    message: "Hasła muszą być identyczne",
+    path: ["newPasswordConfirm"],
+  })
+  .refine((data) => data.oldPassword !== data.newPassword, {
+    message: "Nowe hasło musi się różnić od starego",
-export const ChangePasswordSchema = z
-  .object({
-    oldPassword: RequiredStringSchema,
-    newPassword: RequiredStringSchema.min(8, {
-      message: "Hasło musi mieć co najmniej 8 znaków",
-    }),
-    newPasswordConfirm: RequiredStringSchema,
-  })
-  .refine((data) => data.newPassword === data.newPasswordConfirm, {
-    message: "Hasła muszą być identyczne",
-    path: ["newPasswordConfirm"],
-  })
-  .refine((data) => data.oldPassword !== data.newPassword, {
-    message: "Nowe hasło musi się różnić od starego",
+export const CHANGE_PASSWORD_ERROR_MESSAGES = {
+  minLength: "Hasło musi mieć co najmniej 8 znaków",
+  passwordsMustMatch: "Hasła muszą być identyczne",
+  passwordMustDiffer: "Nowe hasło musi się różnić od starego",
+} as const;
+
+export const ChangePasswordSchema = z
+  .object({
+    oldPassword: RequiredStringSchema,
+    newPassword: RequiredStringSchema.min(8, {
+      message: CHANGE_PASSWORD_ERROR_MESSAGES.minLength,
+    }),
+    newPasswordConfirm: RequiredStringSchema,
+  })
+  .refine((data) => data.newPassword === data.newPasswordConfirm, {
+    message: CHANGE_PASSWORD_ERROR_MESSAGES.passwordsMustMatch,
+    path: ["newPasswordConfirm"],
+  })
+  .refine((data) => data.oldPassword !== data.newPassword, {
+    message: CHANGE_PASSWORD_ERROR_MESSAGES.passwordMustDiffer,
-export const ChangePasswordSchema = z
-  .object({
-    oldPassword: RequiredStringSchema,
-    newPassword: RequiredStringSchema.min(8, {
-      message: "Hasło musi mieć co najmniej 8 znaków",
-    }),
-    newPasswordConfirm: RequiredStringSchema,
-  })
-  .refine((data) => data.newPassword === data.newPasswordConfirm, {
-    message: "Hasła muszą być identyczne",
-    path: ["newPasswordConfirm"],
-  })
-  .refine((data) => data.oldPassword !== data.newPassword, {
-    message: "Nowe hasło musi się różnić od starego",
+export const CHANGE_PASSWORD_ERROR_MESSAGES = {
+  minLength: "Hasło musi mieć co najmniej 8 znaków",
+  passwordsMustMatch: "Hasła muszą być identyczne",
+  passwordMustDiffer: "Nowe hasło musi się różnić od starego",
+} as const;
+
+export const ChangePasswordSchema = z
+  .object({
+    oldPassword: RequiredStringSchema,
+    newPassword: RequiredStringSchema.min(8, {
+      message: CHANGE_PASSWORD_ERROR_MESSAGES.minLength,
+    }),
+    newPasswordConfirm: RequiredStringSchema,
+  })
+  .refine((data) => data.newPassword === data.newPasswordConfirm, {
+    message: CHANGE_PASSWORD_ERROR_MESSAGES.passwordsMustMatch,
+    path: ["newPasswordConfirm"],
+  })
+  .refine((data) => data.oldPassword !== data.newPassword, {
+    message: CHANGE_PASSWORD_ERROR_MESSAGES.passwordMustDiffer,
+    path: ["newPassword"],
+  });
+
+export type ChangePasswordFormValues = z.infer<typeof ChangePasswordSchema>;