move alot to constants, fix html

src/routes/user/update/password.ts

@@ -1,4 +1,10 @@
 import { echo } from "@atums/echo";
+import {
+	errorMessages,
+	httpStatus,
+	passwordHashing,
+	successMessages,
+} from "#environment/constants";
 import { sessionManager } from "#lib/auth";
 import { cassandra } from "#lib/database";
 import { isValidPassword } from "#lib/validation";
@@ -27,11 +33,11 @@ async function handler(
 
 		if (!session) {
 			const response: UpdatePasswordResponse = {
-				code: 401,
+				code: httpStatus.UNAUTHORIZED,
 				success: false,
-				error: "Not authenticated",
+				error: errorMessages.NOT_AUTHENTICATED,
 			};
-			return Response.json(response, { status: 401 });
+			return Response.json(response, { status: httpStatus.UNAUTHORIZED });
 		}
 
 		const { currentPassword, newPassword, logoutAllSessions } =
@@ -39,30 +45,30 @@ async function handler(
 
 		if (!currentPassword || !newPassword) {
 			const response: UpdatePasswordResponse = {
-				code: 400,
+				code: httpStatus.BAD_REQUEST,
 				success: false,
 				error: "Both currentPassword and newPassword are required",
 			};
-			return Response.json(response, { status: 400 });
+			return Response.json(response, { status: httpStatus.BAD_REQUEST });
 		}
 
 		const passwordValidation = isValidPassword(newPassword);
 		if (!passwordValidation.valid) {
 			const response: UpdatePasswordResponse = {
-				code: 400,
+				code: httpStatus.BAD_REQUEST,
 				success: false,
 				error: passwordValidation.error || "Invalid new password",
 			};
-			return Response.json(response, { status: 400 });
+			return Response.json(response, { status: httpStatus.BAD_REQUEST });
 		}
 
 		if (currentPassword === newPassword) {
 			const response: UpdatePasswordResponse = {
-				code: 400,
+				code: httpStatus.BAD_REQUEST,
 				success: false,
-				error: "New password must be different from current password",
+				error: errorMessages.PASSWORD_SAME_AS_CURRENT,
 			};
-			return Response.json(response, { status: 400 });
+			return Response.json(response, { status: httpStatus.BAD_REQUEST });
 		}
 
 		const userQuery = `
@@ -78,21 +84,21 @@ async function handler(
 			await sessionManager.invalidateSession(request);
 
 			const response: UpdatePasswordResponse = {
-				code: 404,
+				code: httpStatus.NOT_FOUND,
 				success: false,
-				error: "User not found",
+				error: errorMessages.USER_NOT_FOUND,
 			};
-			return Response.json(response, { status: 404 });
+			return Response.json(response, { status: httpStatus.NOT_FOUND });
 		}
 
 		const user = userResult.rows[0];
 		if (!user) {
 			const response: UpdatePasswordResponse = {
-				code: 404,
+				code: httpStatus.NOT_FOUND,
 				success: false,
-				error: "User not found",
+				error: errorMessages.USER_NOT_FOUND,
 			};
-			return Response.json(response, { status: 404 });
+			return Response.json(response, { status: httpStatus.NOT_FOUND });
 		}
 
 		const isCurrentPasswordValid = await Bun.password.verify(
@@ -102,18 +108,17 @@ async function handler(
 
 		if (!isCurrentPasswordValid) {
 			const response: UpdatePasswordResponse = {
-				code: 401,
+				code: httpStatus.UNAUTHORIZED,
 				success: false,
-				error: "Current password is incorrect",
+				error: errorMessages.CURRENT_PASSWORD_INCORRECT,
 			};
-			return Response.json(response, { status: 401 });
+			return Response.json(response, { status: httpStatus.UNAUTHORIZED });
 		}
 
-		const hashedNewPassword = await Bun.password.hash(newPassword, {
-			algorithm: "argon2id",
-			memoryCost: 4096,
-			timeCost: 3,
-		});
+		const hashedNewPassword = await Bun.password.hash(
+			newPassword,
+			passwordHashing,
+		);
 
 		const updateQuery = `
 			UPDATE users
@@ -131,21 +136,25 @@ async function handler(
 			const invalidatedCount =
 				await sessionManager.invalidateAllSessionsForUser(session.id);
 
+			const baseMessage = successMessages.PASSWORD_UPDATED;
+			const sessionMessage = ` Logged out from ${invalidatedCount} session(s).`;
+
 			const response: UpdatePasswordResponse = {
-				code: 200,
+				code: httpStatus.OK,
 				success: true,
-				message: `Password updated successfully. Logged out from ${invalidatedCount} session(s).`,
+				message: baseMessage + sessionMessage,
 				loggedOutSessions: invalidatedCount,
 			};
 
 			return Response.json(response, {
-				status: 200,
+				status: httpStatus.OK,
 				headers: {
 					"Content-Type": "application/json",
 					"Set-Cookie": "session=; Path=/; Max-Age=0; HttpOnly",
 				},
 			});
 		}
+
 		const allSessions = await sessionManager.getActiveSessionsForUser(
 			session.id,
 		);
@@ -180,18 +189,21 @@ async function handler(
 			userAgent,
 		);
 
+		const baseMessage = successMessages.PASSWORD_UPDATED;
+		const sessionMessage =
+			invalidatedCount > 0
+				? ` Logged out from ${invalidatedCount} other session(s).`
+				: ".";
+
 		const response: UpdatePasswordResponse = {
-			code: 200,
+			code: httpStatus.OK,
 			success: true,
-			message:
-				invalidatedCount > 0
-					? `Password updated successfully. Logged out from ${invalidatedCount} other session(s).`
-					: "Password updated successfully.",
+			message: baseMessage + sessionMessage,
 			loggedOutSessions: invalidatedCount,
 		};
 
 		return Response.json(response, {
-			status: 200,
+			status: httpStatus.OK,
 			headers: {
 				"Content-Type": "application/json",
 				"Set-Cookie": sessionCookie,
@@ -204,11 +216,13 @@ async function handler(
 		});
 
 		const response: UpdatePasswordResponse = {
-			code: 500,
+			code: httpStatus.INTERNAL_SERVER_ERROR,
 			success: false,
-			error: "Internal server error",
+			error: errorMessages.INTERNAL_SERVER_ERROR,
 		};
-		return Response.json(response, { status: 500 });
+		return Response.json(response, {
+			status: httpStatus.INTERNAL_SERVER_ERROR,
+		});
 	}
 }