Warracker/frontend/reset-password.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Set New Password - Warranty Tracker</title>
    <!-- Favicons -->
    <link rel="shortcut icon" href="favicon.ico" type="image/x-icon">
    <link rel="icon" type="image/png" sizes="16x16" href="img/favicon-16x16.png?v=2">
    <link rel="icon" type="image/png" sizes="32x32" href="img/favicon-32x32.png?v=2">
    <link rel="stylesheet" href="style.css">
    <script src="theme-loader.js"></script> <!-- Apply theme early -->
    <!-- Font Awesome for icons -->
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css">
    <style>
        .auth-container {
            max-width: 400px;
            margin: 50px auto;
            padding: 30px;
            background-color: var(--card-bg);
            border-radius: 8px;
            box-shadow: 0 4px 12px rgba(0, 0, 0, 0.1);
        }
        
        .auth-title {
            text-align: center;
            margin-bottom: 30px;
            color: var(--text-color);
        }
        
        .auth-form .form-group {
            margin-bottom: 20px;
        }
        
        .auth-links {
            margin-top: 20px;
            text-align: center;
            font-size: 0.9em;
        }
        
        .auth-links a {
            color: var(--primary-color);
            text-decoration: none;
            margin: 0 10px;
        }
        
        .auth-links a:hover {
            text-decoration: underline;
        }
        
        .auth-message {
            margin-top: 20px;
            padding: 10px;
            border-radius: 4px;
            text-align: center;
            display: none;
        }
        
        .auth-message.error {
            background-color: rgba(244, 67, 54, 0.1);
            color: #f44336;
            border: 1px solid rgba(244, 67, 54, 0.3);
        }
        
        .auth-message.success {
            background-color: rgba(76, 175, 80, 0.1);
            color: #4caf50;
            border: 1px solid rgba(76, 175, 80, 0.3);
        }
        
        .btn-block {
            width: 100%;
        }
        
        .auth-form .password-container {
            position: relative;
        }
        
        .auth-form .password-toggle {
            position: absolute;
            right: 10px;
            top: 50%;
            transform: translateY(-50%);
            background: none;
            border: none;
            color: var(--text-muted);
            cursor: pointer;
        }
        
        .password-strength {
            height: 5px;
            margin-top: 5px;
            border-radius: 2px;
            transition: all 0.3s ease;
            background-color: #e0e0e0;
        }
        
        .password-strength-text {
            font-size: 0.8em;
            margin-top: 5px;
            text-align: right;
        }
        
        .strength-weak {
            width: 25%;
            background-color: #f44336;
        }
        
        .strength-medium {
            width: 50%;
            background-color: #ff9800;
        }
        
        .strength-strong {
            width: 75%;
            background-color: #2196f3;
        }
        
        .strength-very-strong {
            width: 100%;
            background-color: #4caf50;
        }
        
        .token-invalid {
            text-align: center;
            color: var(--text-color);
            display: none;
        }
        
        .token-invalid i {
            font-size: 48px;
            color: #f44336;
            margin-bottom: 20px;
        }
        
        .token-invalid h3 {
            margin-bottom: 15px;
        }
    </style>
</head>
<body>
    <!-- Header -->
    <header>
        <div class="container">
            <div class="app-title">
                <i class="fas fa-shield-alt"></i>
                <h1>Warranty Tracker</h1>
            </div>
        </div>
    </header>

    <!-- Main Content -->
    <div class="container">
        <div class="auth-container">
            <div id="resetForm">
                <h2 class="auth-title">Set New Password</h2>
                
                <div id="authMessage" class="auth-message"></div>
                
                <form id="passwordResetForm" class="auth-form">
                    <div class="form-group">
                        <label for="password">New Password</label>
                        <div class="password-container">
                            <input type="password" id="password" name="password" class="form-control" required>
                            <button type="button" class="password-toggle" title="Show/Hide Password">
                                <i class="fas fa-eye"></i>
                            </button>
                        </div>
                        <div class="password-strength" id="passwordStrength"></div>
                        <div class="password-strength-text" id="passwordStrengthText"></div>
                        <small class="form-text text-muted">Password must be at least 8 characters and include uppercase, lowercase, and numbers.</small>
                    </div>
                    
                    <div class="form-group">
                        <label for="confirmPassword">Confirm New Password</label>
                        <div class="password-container">
                            <input type="password" id="confirmPassword" name="confirmPassword" class="form-control" required>
                            <button type="button" class="password-toggle" title="Show/Hide Password">
                                <i class="fas fa-eye"></i>
                            </button>
                        </div>
                    </div>
                    
                    <input type="hidden" id="token" name="token">
                    
                    <button type="submit" class="btn btn-primary btn-block">
                        <i class="fas fa-lock"></i> Reset Password
                    </button>
                </form>
                
                <div class="auth-links">
                    <a href="login.html">Back to Login</a>
                </div>
            </div>
            
            <div id="tokenInvalid" class="token-invalid">
                <i class="fas fa-exclamation-circle"></i>
                <h3>Invalid or Expired Link</h3>
                <p>The password reset link you clicked is invalid or has expired.</p>
                <a href="reset-password-request.html" class="btn btn-primary">Request New Reset Link</a>
            </div>
        </div>
    </div>

    <script>
        document.addEventListener('DOMContentLoaded', function() {
            // Check if user is already logged in
            const token = localStorage.getItem('auth_token');
            if (token) {
                // Redirect to home page if already logged in
                window.location.href = 'index.html';
                return;
            }
            
            // Get token from URL
            const urlParams = new URLSearchParams(window.location.search);
            const resetToken = urlParams.get('token');
            
            // If no token in URL, check if we have a development token
            let tokenToUse = resetToken;
            if (!tokenToUse) {
                const devLink = localStorage.getItem('dev_reset_link');
                if (devLink) {
                    const devParams = new URLSearchParams(devLink);
                    tokenToUse = devParams.get('token');
                }
            }
            
            // If no token is available, show invalid token message
            if (!tokenToUse) {
                document.getElementById('resetForm').style.display = 'none';
                document.getElementById('tokenInvalid').style.display = 'block';
                return;
            }
            
            // Set token in hidden field
            document.getElementById('token').value = tokenToUse;
            
            // Verify token validity
            verifyToken(tokenToUse);
            
            // Toggle password visibility
            const passwordToggles = document.querySelectorAll('.password-toggle');
            
            passwordToggles.forEach(toggle => {
                toggle.addEventListener('click', function() {
                    const passwordInput = this.parentElement.querySelector('input');
                    const type = passwordInput.getAttribute('type') === 'password' ? 'text' : 'password';
                    passwordInput.setAttribute('type', type);
                    
                    // Toggle icon
                    const icon = this.querySelector('i');
                    icon.classList.toggle('fa-eye');
                    icon.classList.toggle('fa-eye-slash');
                });
            });
            
            // Password strength checker
            const passwordInput = document.getElementById('password');
            const passwordStrength = document.getElementById('passwordStrength');
            const passwordStrengthText = document.getElementById('passwordStrengthText');
            
            passwordInput.addEventListener('input', function() {
                const password = this.value;
                let strength = 0;
                let feedback = '';
                
                if (password.length >= 8) strength += 1;
                if (password.match(/[A-Z]/)) strength += 1;
                if (password.match(/[a-z]/)) strength += 1;
                if (password.match(/[0-9]/)) strength += 1;
                if (password.match(/[^A-Za-z0-9]/)) strength += 1;
                
                passwordStrength.className = 'password-strength';
                
                if (password.length === 0) {
                    passwordStrength.style.width = '0';
                    passwordStrengthText.textContent = '';
                } else if (strength < 2) {
                    passwordStrength.classList.add('strength-weak');
                    feedback = 'Weak';
                } else if (strength < 3) {
                    passwordStrength.classList.add('strength-medium');
                    feedback = 'Medium';
                } else if (strength < 5) {
                    passwordStrength.classList.add('strength-strong');
                    feedback = 'Strong';
                } else {
                    passwordStrength.classList.add('strength-very-strong');
                    feedback = 'Very Strong';
                }
                
                passwordStrengthText.textContent = feedback;
            });
            
            // Handle form submission
            const passwordResetForm = document.getElementById('passwordResetForm');
            const authMessage = document.getElementById('authMessage');
            
            passwordResetForm.addEventListener('submit', async function(e) {
                e.preventDefault();
                
                const password = document.getElementById('password').value;
                const confirmPassword = document.getElementById('confirmPassword').value;
                const token = document.getElementById('token').value;
                
                // Basic validation
                if (!password || !confirmPassword) {
                    showMessage('Please fill in all fields', 'error');
                    return;
                }
                
                if (password !== confirmPassword) {
                    showMessage('Passwords do not match', 'error');
                    return;
                }
                
                // Validate password strength
                if (password.length < 8 || !password.match(/[A-Z]/) || !password.match(/[a-z]/) || !password.match(/[0-9]/)) {
                    showMessage('Password must be at least 8 characters and include uppercase, lowercase, and numbers', 'error');
                    return;
                }
                
                try {
                    // Show loading state
                    const submitBtn = passwordResetForm.querySelector('button[type="submit"]');
                    const originalBtnText = submitBtn.innerHTML;
                    submitBtn.innerHTML = '<i class="fas fa-spinner fa-spin"></i> Resetting Password...';
                    submitBtn.disabled = true;
                    
                    // Make API request
                    const response = await fetch('/api/auth/password/reset', {
                        method: 'POST',
                        headers: {
                            'Content-Type': 'application/json'
                        },
                        body: JSON.stringify({
                            token,
                            password
                        })
                    });
                    
                    const data = await response.json();
                    
                    if (!response.ok) {
                        throw new Error(data.message || 'Password reset failed');
                    }
                    
                    // Show success message
                    showMessage('Password reset successful! Redirecting to login...', 'success');
                    
                    // Clear development token if it exists
                    localStorage.removeItem('dev_reset_link');
                    
                    // Redirect to login page after a short delay
                    setTimeout(() => {
                        window.location.href = 'login.html';
                    }, 2000);
                    
                } catch (error) {
                    console.error('Password reset error:', error);
                    showMessage(error.message || 'Password reset failed. Please try again.', 'error');
                    
                    // Reset button
                    submitBtn.innerHTML = originalBtnText;
                    submitBtn.disabled = false;
                }
            });
            
            // Helper function to show messages
            function showMessage(message, type) {
                authMessage.textContent = message;
                authMessage.className = 'auth-message';
                authMessage.classList.add(type);
                authMessage.style.display = 'block';
            }
            
            // Function to verify token validity
            async function verifyToken(token) {
                try {
                    const response = await fetch(`/api/auth/password/verify-token?token=${token}`);
                    const data = await response.json();
                    
                    if (!response.ok) {
                        throw new Error(data.message || 'Invalid token');
                    }
                    
                    // Token is valid, show the form
                    document.getElementById('resetForm').style.display = 'block';
                    document.getElementById('tokenInvalid').style.display = 'none';
                    
                } catch (error) {
                    console.error('Token verification error:', error);
                    
                    // Token is invalid, show error message
                    document.getElementById('resetForm').style.display = 'none';
                    document.getElementById('tokenInvalid').style.display = 'block';
                }
            }
            
            // Check for dark mode preference
            const darkModeEnabled = localStorage.getItem('darkMode') === 'enabled';
            if (darkModeEnabled) {
                document.body.classList.add('dark-mode');
            }
        });
        
        // Theme initialization
        function setTheme(isDark) {
            document.documentElement.setAttribute('data-theme', isDark ? 'dark' : 'light');
        }

        function initializeTheme() {
            // Check for saved theme preference
            const savedTheme = localStorage.getItem('darkMode');
            
            if (savedTheme !== null) {
                // Use saved preference
                setTheme(savedTheme === 'true');
            } else {
                // Use system preference as fallback
                const prefersDarkMode = window.matchMedia && window.matchMedia('(prefers-color-scheme: dark)').matches;
                setTheme(prefersDarkMode);
            }
        }

        // Initialize theme when page loads
        document.addEventListener('DOMContentLoaded', initializeTheme);
    </script>
</body>
</html>