Add separate password reset view

2023-06-15 16:26:06 +02:00
parent b6739e9d77
commit 9d3fa94960
7 changed files with 340 additions and 5 deletions
--- a/src/oidc_templates/login.ejs
+++ b/src/oidc_templates/login.ejs
@@ -80,7 +80,7 @@
              <input type="text" class="form-control" name="totpToken" id="inputTotpToken" value="">
              <p class="has-error" id="totpError"></p>
            </div>
-            <a href="/login.html?passwordReset=1">Reset password</a>
+            <a href="/passwordreset.html">Reset password</a>
            <button class="btn btn-primary btn-outline pull-right" type="submit">Log in</button>
          </form>
        </div>
--- a/src/routes/cloudron.js
+++ b/src/routes/cloudron.js
@@ -83,7 +83,7 @@ async function logout(req, res) {
    await eventlog.add(eventlog.ACTION_USER_LOGOUT, AuditSource.fromRequest(req), { userId: req.user.id, user: users.removePrivateFields(req.user) });

    await safe(tokens.delByAccessToken(req.token.accessToken));
-    res.redirect('/login.html');
+    res.redirect('/');
 }

 async function passwordResetRequest(req, res, next) {
--- a/src/server.js
+++ b/src/server.js
@@ -102,7 +102,7 @@ async function initializeExpressSync() {

    // login/logout routes
    router.post('/api/v1/cloudron/login',                  json, password, routes.cloudron.login);
-    router.get ('/api/v1/cloudron/logout',                       token,    routes.cloudron.logout); // this will invalidate the token if any and redirect to /login.html always
+    router.get ('/api/v1/cloudron/logout',                       token,    routes.cloudron.logout); // this will invalidate the token if any and redirect to / always
    router.post('/api/v1/cloudron/password_reset_request', json,           routes.cloudron.passwordResetRequest);
    router.post('/api/v1/cloudron/password_reset',         json,           routes.cloudron.passwordReset);
    router.post('/api/v1/cloudron/setup_account',          json,           routes.cloudron.setupAccount);
--- a/src/users.js
+++ b/src/users.js
@@ -665,7 +665,7 @@ async function getPasswordResetLink(user, auditSource) {
        await update(user, { resetToken, resetTokenCreationTime }, auditSource);
    }

-    const resetLink = `${settings.dashboardOrigin()}/login.html?resetToken=${resetToken}`;
+    const resetLink = `${settings.dashboardOrigin()}/passwordreset.html?resetToken=${resetToken}`;

    return resetLink;
 }