refactor: require password verification

chore: styling work

public/api/users/index.ts

@@ -139,6 +139,22 @@ export async function POST(req: Request, meta: Record<string, any>): Promise<Res
 			});
 		}
 
+		const password_verification_hash: string = body.password_verification_hash ?? (typeof body.password_verification === 'string'
+			? encodeBase64(
+				await crypto.subtle.digest('SHA-256', new TextEncoder().encode(body.password_verification))
+			)
+			: '');
+		if (password_verification_hash !== password_hash) {
+			return Response.json({
+				error: {
+					cause: 'invalid password verification hash',
+					message: 'Password and verification must be identical.'
+				}
+			}, {
+				status: 400
+			});
+		}
+
 		const at_least_one_existing_user = (await USERS.all({
 			limit: 1,
 			offset: 0