feat: Implement authentication actions with signin, signup, and signout (#26)

* feat: Implement authentication actions with signin, signup, and signout logic

* fix: Improve error handling and logging in authentication actions

* refactor: Standardize naming conventions for signin and signout actions and schemas

* refactor: Add 'server-only' import to signin and signup logic files

Author: kalidatony

package-lock.json

@@ -22,15 +22,18 @@
     "bcryptjs": "^3.0.2",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
+    "iron-session": "^8.0.4",
     "lucide-react": "^0.542.0",
     "luxon": "^3.7.2",
-    "next": "15.5.2",
+    "next": "^15.5.2",
+    "next-safe-action": "^8.0.11",
     "react": "19.1.0",
     "react-dom": "19.1.0",
     "react-icons": "^5.5.0",
     "tailwind-merge": "^3.3.1",
     "viem": "^2.37.5",
-    "wagmi": "^2.16.9"
+    "wagmi": "^2.16.9",
+    "zod": "^3.25.76"
   },
   "devDependencies": {
     "@eslint/eslintrc": "^3",

package.json

@@ -0,0 +1,32 @@
+'use server';
+
+import { actionClient } from '@/lib/action';
+import { signin} from './logic';
+import { signinSchema} from './schema';
+
+export const signinAction = actionClient
+  .inputSchema(signinSchema)
+  .metadata({ actionName: 'signin' })
+  .action(async ({ parsedInput }) => {
+    const { email } = parsedInput;
+
+    try {
+      const result = await signin(parsedInput);
+
+      if (result.success) {
+        return result.data;
+      }
+
+      throw new Error(result.error, { cause: { internal: true } });
+    } catch (err) {
+      const error = err as Error;
+      const cause = error.cause as { internal: boolean } | undefined;
+
+      if (cause?.internal) {
+        throw new Error(error.message, { cause: error });
+      }
+
+      console.error('Sign in error:', error);
+      throw new Error('Something went wrong');
+    }
+  });

src/actions/auth/signin/action.ts

@@ -0,0 +1,44 @@
+import 'server-only';
+
+import { prisma } from "@/lib/prisma";
+import { signinInput } from "./schema";
+import bcrypt from "bcryptjs";
+import { error, Result, success } from "@/lib/result";
+import { getSession } from "@/lib/session";
+import type { User } from "@prisma/client";
+
+export async function signin(input: signinInput): Promise<Result<Omit<User, 'password'>>> {
+    const { email, password } = input;
+
+    const normalisedEmail = email.toLowerCase().trim();
+
+    //Find user by email
+    const user = await prisma.user.findUnique({
+        where: {
+            email: normalisedEmail
+        }
+    })
+    if (!user) {
+        console.error('signin error: User not found');
+        return error('Invalid credentials');
+    }
+
+    //Verify Password
+    const isValidPassword = await bcrypt.compare(password, user.password!);
+
+    if (!isValidPassword) {
+        console.error('signin error: Invalid Password');
+        return error('Invalid credentials');
+    }
+
+    // Omit password from returned user object
+    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+    const { password: _password, ...userWithoutPassword } = user;
+
+    //Session
+    const session = await getSession();
+    session.user = { id: userWithoutPassword.id };
+    await session.save();
+
+    return success(userWithoutPassword);
+}

src/actions/auth/signin/logic.ts

@@ -0,0 +1,8 @@
+import {z} from 'zod';
+
+export const signinSchema = z.object({
+    email: z.string().email("Invalid Email Format"),
+    password: z.string().min(1,'Password is required')
+});
+
+export type signinInput = z.infer<typeof signinSchema>

src/actions/auth/signin/schema.ts

@@ -0,0 +1,28 @@
+'use server';
+
+import { authActionClient } from '@/lib/action';
+import { signout} from './logic';
+
+export const signoutAction = authActionClient.metadata({ actionName: 'signout' }).action(async ({ ctx }) => {
+  const userId = ctx.session.user.id;
+
+  try {
+    const result = await signout();
+
+    if (result.success) {
+      return result.data;
+    }
+
+    throw new Error(result.error, { cause: { internal: true } });
+  } catch (err) {
+    const error = err as Error;
+    const cause = error.cause as { internal: boolean } | undefined;
+
+    if (cause?.internal) {
+      throw new Error(error.message, { cause: error });
+    }
+
+    console.error('Sign out error:', error, { userId });
+    throw new Error('Something went wrong');
+  }
+});

src/actions/auth/signout/action.ts

@@ -0,0 +1,10 @@
+import 'server-only';
+
+import { Result, success } from '@/lib/result';
+import { getSession } from '@/lib/session';
+
+export async function signout(): Promise<Result<undefined>> {
+  const session = await getSession();
+  await session.destroy();
+  return success(undefined);
+}

src/actions/auth/signout/logic.ts

@@ -0,0 +1,31 @@
+'use server';
+
+import { actionClient } from '@/lib/action';
+import { Signup} from './logic';
+import { SignupSchema} from './schema';
+
+export const signupAction = actionClient
+  .inputSchema(SignupSchema)
+  .metadata({ actionName: 'signup' })
+  .action(async ({ parsedInput }) => {
+    try {
+      const result = await Signup(parsedInput);
+
+      if (result.success) {
+        return result.data;
+      }
+
+      // Set session
+      throw new Error(result.error, { cause: { internal: true } });
+    } catch (err) {
+      const error = err as Error;
+      const cause = error.cause as { internal: boolean } | undefined;
+
+      if (cause?.internal) {
+        throw new Error(error.message, { cause: error });
+      }
+
+      console.error('Sign up error:', error);
+      throw new Error('Something went wrong');
+    }
+  });

src/actions/auth/signup/action.ts

@@ -0,0 +1,38 @@
+import 'server-only';
+
+import { prisma } from "@/lib/prisma";
+import bcrypt from "bcryptjs";
+import { signupInput } from "./schema";
+import { error, Result, success } from "@/lib/result";
+import { getSession } from "@/lib/session";
+import type { User } from "@prisma/client";
+
+export async function Signup(input: signupInput): Promise<Result<User>> {
+    const { email, name, password } = input;
+
+    const normalisedEmail = email.toLowerCase().trim();
+
+    const exisitingUser = await prisma.user.findUnique({
+        where: {
+            email: normalisedEmail
+        }
+    });
+    if (exisitingUser) {
+        console.error('Singup error: User with this email already exists')
+        return error('Something went wrong')
+    };
+
+    const hashedPassword = await bcrypt.hash(password, 12);
+    const user = await prisma.user.create({
+        data: {
+            name,
+            email: normalisedEmail,
+            password: hashedPassword
+        }
+    });
+    const session = await getSession();
+    session.user = { id: user.id };
+    await session.save();
+
+    return success(user);
+}

src/actions/auth/signup/logic.ts

@@ -0,0 +1,14 @@
+import { z } from "zod";
+
+export const signupSchema = z.object({
+    name: z.string().min(1, 'Name is required'),
+    email: z.string().email('Invalid email format'),
+    password: z.string()
+        .min(8, 'Password must be at least 8 characters long')
+        .regex(/(?=.*[a-z])/, 'Password must contain at least one lowercase letter')
+        .regex(/(?=.*[A-Z])/, 'Password must contain at least one uppercase letter')
+        .regex(/(?=.*\d)/, 'Password must contain at least one number')
+
+})
+
+export type signupInput = z.infer<typeof signupSchema>