refactor forms (#122)

* Audit security vulnerabilities

* Refactor account management pages

* Yup no longer required

* Add form capabilities to new

* Prevent that bug before it happens

* Move some dots around

Author: odarbelaeze

package-lock.json

@@ -4,8 +4,10 @@
   "private": true,
   "type": "module",
   "dependencies": {
-    "@hookform/resolvers": "^3.4.0",
-    "@radix-ui/react-slot": "^1.1.1",
+    "@hookform/resolvers": "^3.10.0",
+    "@radix-ui/react-checkbox": "^1.1.4",
+    "@radix-ui/react-label": "^2.1.2",
+    "@radix-ui/react-slot": "^1.1.2",
     "@tanstack/react-query": "^5.60.5",
     "@types/d3": "^7.4.0",
     "@types/lodash": "^4.17.4",
@@ -18,17 +20,18 @@
     "firebase": "^10.12.0",
     "js-base64": "^3.7.5",
     "lodash": "^4.17.21",
+    "lucide-react": "^0.475.0",
     "md5": "^2.3.0",
     "moment": "^2.30.1",
     "papaparse": "^5.4.1",
     "react": "^18.3.1",
     "react-dom": "^18.3.1",
     "react-dropzone": "^14.2.2",
-    "react-hook-form": "^7.51.4",
+    "react-hook-form": "^7.54.2",
     "react-router-dom": "^6.23.1",
     "react-use": "^17.4.0",
     "tailwind-merge": "^3.0.1",
-    "yup": "^1.0.2"
+    "zod": "^3.24.1"
   },
   "scripts": {
     "shipit": "git tag v$(date +%y.%m.%d.%H.%M) && git push --tags",

package.json

@@ -11,7 +11,7 @@ type AppLayoutProps = {
 const AppLayout: FC<AppLayoutProps> = ({ children }) => {
   const location = useLocation();
   return (
-    <div className="grid-rows-[auto_1fr_auto] mt-4 grid min-h-dvh gap-4 md:mt-16 md:gap-16">
+    <div className="mt-4 grid min-h-dvh grid-rows-[auto_1fr_auto] gap-4 md:mt-16 md:gap-16">
       <header>
         <div className="container">
           <Header />

src/components/layout/AppLayout.tsx

@@ -3,25 +3,29 @@ import useNext from "../../../hooks/useNext";
 import useUser from "../../../hooks/useUser";
 import { Message } from "../../common/Message";
 import Button from "../../ui/Button";
-import { yupResolver } from "@hookform/resolvers/yup";
+import {
+  Form,
+  FormControl,
+  FormDescription,
+  FormField,
+  FormItem,
+  FormLabel,
+  FormMessage,
+} from "../../ui/Form";
+import { Input } from "../../ui/Input";
+import { zodResolver } from "@hookform/resolvers/zod";
 import { useMutation } from "@tanstack/react-query";
 import { Auth, signInWithEmailAndPassword } from "firebase/auth";
-import { Fragment } from "react";
 import { useForm } from "react-hook-form";
 import { Link, Navigate, useNavigate } from "react-router-dom";
-import { object, string } from "yup";
+import { z } from "zod";
 
-type LogInFormFieldsType = {
-  email: string;
-  password: string;
-};
+const logInSchema = z.object({
+  email: z.string().email(),
+  password: z.string().nonempty({ message: "Password is required." }),
+});
 
-const loginSchema = object()
-  .shape({
-    email: string().required().email("Invalid email address"),
-    password: string().required().min(8, "Invalid password"),
-  })
-  .required();
+type LogInFormFieldsType = z.infer<typeof logInSchema>;
 
 const logIn = async ({
   auth,
@@ -37,11 +41,11 @@ const logIn = async ({
 
 const LogIn = () => {
   const form = useForm<LogInFormFieldsType>({
+    resolver: zodResolver(logInSchema),
     defaultValues: {
       email: "",
       password: "",
     },
-    resolver: yupResolver(loginSchema),
   });
   const navigate = useNavigate();
   const { next, nextSearch } = useNext();
@@ -64,69 +68,79 @@ const LogIn = () => {
   }
 
   return (
-    <Fragment>
-      <form
-        className="m-auto flex max-w-md flex-col gap-4"
-        onSubmit={form.handleSubmit((data) =>
-          signIn({
-            auth: firebase.auth,
-            email: data.email,
-            password: data.password,
-          }),
-        )}
-      >
-        <h2 className="font-tall text-2xl uppercase md:text-4xl">Log In</h2>
-        <div className="flex flex-col gap-2">
-          <input
-            {...form.register("email")}
-            type="email"
-            className="rounded-sm border border-stone-500 p-2"
-            placeholder="email@example.com"
-          />
-          <Message
-            message={form.formState.errors.email?.message}
-            type="error"
+    <div className="flex flex-col items-center gap-8">
+      <Form {...form}>
+        <form
+          className="m-auto flex w-full max-w-md flex-col gap-4"
+          onSubmit={form.handleSubmit((data) =>
+            signIn({
+              auth: firebase.auth,
+              email: data.email,
+              password: data.password,
+            }),
+          )}
+        >
+          <h2 className="font-tall text-2xl uppercase md:text-4xl">Log In</h2>
+          <FormField
+            control={form.control}
+            name="email"
+            render={({ field }) => (
+              <FormItem>
+                <FormLabel>Email</FormLabel>
+                <FormControl>
+                  <Input
+                    {...field}
+                    type="email"
+                    placeholder="email@example.com"
+                  />
+                </FormControl>
+                <FormDescription>Enter your email address.</FormDescription>
+                <FormMessage />
+              </FormItem>
+            )}
           />
-        </div>
-        <div className="flex flex-col gap-2">
-          <input
-            {...form.register("password")}
-            type="password"
-            className="rounded-sm border border-stone-500 p-2"
-            placeholder="password"
+          <FormField
+            control={form.control}
+            name="password"
+            render={({ field }) => (
+              <FormItem>
+                <FormLabel>Password</FormLabel>
+                <FormControl>
+                  <Input {...field} type="password" placeholder="password" />
+                </FormControl>
+                <FormDescription>A very secure password.</FormDescription>
+                <FormMessage />
+              </FormItem>
+            )}
           />
+          <div>
+            <Button className="uppercase" asChild>
+              <input type="submit" value="log in" />
+            </Button>
+          </div>
           <Message
-            message={form.formState.errors.password?.message}
-            type="error"
+            message={
+              isSuccess
+                ? "Successfully logged you in."
+                : isError
+                  ? "There was an issue logging you in."
+                  : ""
+            }
+            type={isError ? "error" : "info"}
           />
-        </div>
-        <div>
-          <Button className="uppercase" asChild>
-            <input type="submit" value="log in" />
-          </Button>
-        </div>
-        <Message
-          message={
-            isSuccess
-              ? "Successfully logged you in."
-              : isError
-                ? "There was an issue logging you in."
-                : ""
-          }
-          type={isError ? "error" : "info"}
-        />
-        <Button variant="link" size="link" asChild>
-          <Link
-            to={{
-              pathname: "/reset-password",
-              search: nextSearch,
-            }}
-          >
-            Forgot your password?
-          </Link>
-        </Button>
-      </form>
-    </Fragment>
+        </form>
+      </Form>
+      <Button variant="link" size="link" asChild>
+        <Link
+          to={{
+            pathname: "/reset-password",
+            search: nextSearch,
+          }}
+        >
+          Forgot your password?
+        </Link>
+      </Button>
+    </div>
   );
 };
 

src/components/pages/account/LogIn.tsx

@@ -3,13 +3,22 @@ import useNext from "../../../hooks/useNext";
 import useUser from "../../../hooks/useUser";
 import { Message } from "../../common/Message";
 import Button from "../../ui/Button";
-import { yupResolver } from "@hookform/resolvers/yup";
+import {
+  Form,
+  FormControl,
+  FormDescription,
+  FormField,
+  FormItem,
+  FormLabel,
+  FormMessage,
+} from "../../ui/Form";
+import { Input } from "../../ui/Input";
+import { zodResolver } from "@hookform/resolvers/zod";
 import { useMutation } from "@tanstack/react-query";
 import { Auth, sendPasswordResetEmail } from "firebase/auth";
-import { Fragment } from "react";
 import { useForm } from "react-hook-form";
 import { Navigate } from "react-router-dom";
-import { object, string } from "yup";
+import { z } from "zod";
 
 const sendEmail = async ({
   auth,
@@ -21,22 +30,18 @@ const sendEmail = async ({
   await sendPasswordResetEmail(auth, email);
 };
 
-type PaswordResetFormFieldsType = {
-  email: string;
-};
+const passwordResetSchema = z.object({
+  email: z.string().email(),
+});
 
-const passwordResetSchema = object()
-  .shape({
-    email: string().required().email("Invalid email address"),
-  })
-  .required();
+type PaswordResetFormFieldsType = z.infer<typeof passwordResetSchema>;
 
 const PasswordReset = () => {
   const form = useForm<PaswordResetFormFieldsType>({
+    resolver: zodResolver(passwordResetSchema),
     defaultValues: {
       email: "",
     },
-    resolver: yupResolver(passwordResetSchema),
   });
   const firebase = useFirebase();
   const {
@@ -55,7 +60,7 @@ const PasswordReset = () => {
   }
 
   return (
-    <Fragment>
+    <Form {...form}>
       <form
         className="m-auto flex max-w-md flex-col gap-4"
         onSubmit={form.handleSubmit((data) =>
@@ -65,18 +70,24 @@ const PasswordReset = () => {
         <h2 className="font-tall text-2xl uppercase md:text-4xl">
           Reset your passrword
         </h2>
-        <div className="flex flex-col gap-2">
-          <input
-            {...form.register("email")}
-            type="email"
-            className="border border-stone-500 p-2"
-            placeholder="email@example.com"
-          />
-          <Message
-            message={form.formState.errors.email?.message}
-            type="error"
-          />
-        </div>
+        <FormField
+          control={form.control}
+          name="email"
+          render={({ field }) => (
+            <FormItem>
+              <FormLabel>Email</FormLabel>
+              <FormControl>
+                <Input
+                  {...field}
+                  type="email"
+                  placeholder="email@example.com"
+                />
+              </FormControl>
+              <FormDescription>Enter your email address.</FormDescription>
+              <FormMessage />
+            </FormItem>
+          )}
+        />
         <div>
           <Button className="uppercase" asChild>
             <input type="submit" value="send" />
@@ -93,7 +104,7 @@ const PasswordReset = () => {
           type={isError ? "error" : "info"}
         />
       </form>
-    </Fragment>
+    </Form>
   );
 };