feat: implement resetting of password if forgotten

2025-07-14 22:28:40 +02:00 · 2025-07-14 22:28:40 +02:00 · 17791fc017
commit 17791fc017
parent 42ed743054
5 changed files with 115 additions and 2 deletions
--- a/layouts/auth.vue
+++ b/layouts/auth.vue
@ -18,6 +18,7 @@
 			</div>
 			<div v-else id="auth-form-container">
 				<slot />
+				<div v-if="useRoute().path != '/reset-password'">Forgot password? Recover <NuxtLink :href="resetPasswordUrl">here</NuxtLink>!</div>
 			</div>
 			<div v-if="instanceUrl">
 				Instance URL is set to <span style="color: var(--primary-color);">{{ instanceUrl }}</span>
@ -36,6 +37,12 @@ const apiVersion = useRuntimeConfig().public.apiVersion;
 const apiBase = useCookie("api_base");
 const registrationEnabled = useState("registrationEnabled", () => true);

+const query = useRoute().query as Record<string, string>;
+const searchParams = new URLSearchParams(query);
+searchParams.delete("token");
+
+const resetPasswordUrl = `/reset-password?${searchParams}`;
+
 const auth = useAuth();

 onMounted(async () => {
@ -111,6 +118,7 @@ const form = reactive({
 #auth-form-container form {
 	display: flex;
 	flex-direction: column;
+	align-items: center;
 	text-align: left;
 	margin-top: 10dvh;
 	gap: 1em;
--- a/middleware/auth.global.ts
+++ b/middleware/auth.global.ts
@ -16,7 +16,7 @@ export default defineNuxtRouteMiddleware(async (to, from) => {
 		}
 	}

-	if (["/login", "/register"].includes(to.path) && !Object.keys(to.query).includes("special")) {
+	if (["/login", "/register", "/reset-password"].includes(to.path) && !Object.keys(to.query).includes("special")) {
 		console.log("path is login or register");
 		const apiBase = useCookie("api_base");
 		console.log("apiBase gotten:", apiBase.value);
--- a/pages/login.vue
+++ b/pages/login.vue
@ -38,6 +38,7 @@ const form = reactive({

 const query = useRoute().query as Record<string, string>;
 const searchParams = new URLSearchParams(query);
+searchParams.delete("token");

 const registrationEnabled = ref<boolean>(true);
 const apiBase = useCookie("api_base");
@ -50,7 +51,7 @@ if (apiBase.value) {
 	}
 }

-const registerUrl = `/register?${searchParams}`
+const registerUrl = `/register?${searchParams}`;

 const { login } = useAuth();

--- a/pages/register.vue
+++ b/pages/register.vue
@ -86,6 +86,7 @@ const auth = useAuth();
 const loggedIn = ref(await auth.getUser());

 const query = new URLSearchParams(useRoute().query as Record<string, string>);
+query.delete("token");

 const user = await useAuth().getUser();

--- a/pages/reset-password.vue
+++ b/pages/reset-password.vue
@ -0,0 +1,103 @@
+<template>
+  <NuxtLayout name="auth">
+    <div v-if="errorValue">{{ errorValue }}</div>
+    <div v-if="!token">
+      <form v-if="!emailFormSent" @submit.prevent="sendEmail">
+        <div>
+          <label for="identifier">Email or username</label>
+            <br>
+          <input type="text" name="identifier" id="identifier" v-model="emailForm.identifier">
+        </div>
+        <div>
+          <Button type="submit" text="Send email" variant="normal" />
+        </div>
+      </form>
+      <div v-else>
+        If an account with that username/email exists, an email will be sent to it shortly.
+      </div>
+    </div>
+    <div v-else>
+      <form @submit.prevent="sendPassword">
+        <div>
+          <label for="password">Password</label>
+          <br>
+          <input type="password" name="password" id="password" v-model="passwordForm.password">
+        </div>
+        <div>
+          <Button type="submit" text="Submit" variant="normal" />
+        </div>
+      </form>
+    </div>
+    <div v-if="registrationEnabled">
+      Don't have an account? <NuxtLink :href="registerUrl">Register</NuxtLink> one!
+    </div>
+    <div>
+      Already have an account? <NuxtLink :href="loginUrl">Log in</NuxtLink>!
+    </div>
+  </NuxtLayout>
+</template>
+
+<script lang="ts" setup>
+import Button from '~/components/UserInterface/Button.vue';
+
+const emailForm = reactive({
+  identifier: ""
+});
+
+const emailFormSent = ref(false);
+
+const passwordForm = reactive({
+  password: ""
+});
+
+const errorValue = ref<string>();
+
+const registrationEnabled = ref<boolean>(true);
+const apiBase = useCookie("api_base");
+
+const query = useRoute().query as Record<string, string>;
+const searchParams = new URLSearchParams(query);
+
+const token = ref(searchParams.get("token"))
+searchParams.delete("token");
+const { resetPassword } = useApi();
+
+const registerUrl = `/register?${searchParams}`;
+const loginUrl = `/login?${searchParams}`;
+
+if (apiBase.value) {
+	console.log("apiBase:", apiBase.value);
+	const stats = await useApi().fetchInstanceStats(apiBase.value);
+	if (stats) {
+		registrationEnabled.value = stats.registration_enabled;
+	}
+}
+
+const { sendPasswordResetEmail } = useApi();
+
+async function sendEmail() {
+  try {
+    await sendPasswordResetEmail(emailForm.identifier);
+    emailFormSent.value = true;
+  } catch (error) {
+    errorValue.value = (error as any).toString();
+  }
+}
+
+async function sendPassword() {
+  try {
+    console.log("pass:", passwordForm.password);
+    const hashedPass = await hashPassword(passwordForm.password)
+    console.log("hashed pass:", hashedPass);
+    await resetPassword(hashedPass, token.value!);
+    return await navigateTo(`/login?${searchParams}`);
+  } catch (error) {
+    errorValue.value = (error as any).toString();
+  }
+}
+
+</script>
+
+<style>
+
+</style>