feat: add reset password flow

glitchedmob · glitchedmob · commit b9a7c7af1f18 · 2026-05-02T13:44:31.000-05:00
diff --git a/SgfDevs/Controllers/AccountController.cs b/SgfDevs/Controllers/AccountController.cs
@@ -224,6 +224,34 @@ public async Task<IActionResult> ForgotPassword(ForgotPasswordModel model)
         return Redirect("/forgotten-password");
     }
 
+    [HttpPost]
+    public async Task<IActionResult> ResetPassword(ResetPasswordModel model)
+    {
+        if (!ModelState.IsValid)
+            return CurrentUmbracoPage();
+
+        var member = await _memberManager.FindByIdAsync(model.MemberId);
+        if (member == null)
+        {
+            ModelState.AddModelError(string.Empty, "This reset link is invalid or has expired.");
+            return CurrentUmbracoPage();
+        }
+
+        var result = await _memberManager.ResetPasswordAsync(member, model.Token, model.Password);
+        if (!result.Succeeded)
+        {
+            foreach (var error in result.Errors)
+            {
+                ModelState.AddModelError(string.Empty, error.Description);
+            }
+
+            return CurrentUmbracoPage();
+        }
+
+        TempData["LoginMessage"] = "Your password has been updated. Please log in.";
+        return Redirect("/login");
+    }
+
     [HttpPost]
     [UmbracoMemberAuthorize]
     public async Task<IActionResult> ProfileUpdate(MemberProfile profile)
diff --git a/SgfDevs/Models/PasswordValidationRules.cs b/SgfDevs/Models/PasswordValidationRules.cs
@@ -0,0 +1,7 @@
+namespace SGFDevs.Models;
+
+public static class PasswordValidationRules
+{
+    public const string Pattern = "^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{8,}$";
+    public const string ErrorMessage = "You know the drill.. Password must contain at least one upper and lowercase letter, a numeric digit, a special character, and be at least 8 characters long.";
+}
diff --git a/SgfDevs/Models/RegisterModel.cs b/SgfDevs/Models/RegisterModel.cs
@@ -22,11 +22,11 @@ public class RegisterModel
 
     [Required]
     [DataType(DataType.Password)]
-    [RegularExpression("^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{8,}$", ErrorMessage ="You know the drill.. Password must contain at least one upper and lowercase letter, a numeric digit, a special character, and be at least 8 characters long.")]
+    [RegularExpression(PasswordValidationRules.Pattern, ErrorMessage = PasswordValidationRules.ErrorMessage)]
     public string Password { get; set; }
 
     [Required]
     [Display(Name = "Null Check")]
     [RegularExpression("SGF|sgf", ErrorMessage = "Better luck next time.")]
     public string ChallengeQuestion { get; set; }
-}
+}
diff --git a/SgfDevs/Models/ResetPasswordModel.cs b/SgfDevs/Models/ResetPasswordModel.cs
@@ -0,0 +1,23 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace SGFDevs.Models;
+
+public class ResetPasswordModel
+{
+    [Required]
+    public string MemberId { get; set; }
+
+    [Required]
+    public string Token { get; set; }
+
+    [Required]
+    [DataType(DataType.Password)]
+    [RegularExpression(PasswordValidationRules.Pattern, ErrorMessage = PasswordValidationRules.ErrorMessage)]
+    public string Password { get; set; }
+
+    [Required]
+    [DataType(DataType.Password)]
+    [Compare(nameof(Password), ErrorMessage = "Passwords do not match.")]
+    [Display(Name = "Confirm Password")]
+    public string ConfirmPassword { get; set; }
+}
diff --git a/SgfDevs/Views/Components/Login/Default.cshtml b/SgfDevs/Views/Components/Login/Default.cshtml
@@ -3,6 +3,10 @@
 
 
 <div class="container">
+    @if (TempData["LoginMessage"] is string loginMessage)
+    {
+        <p>@loginMessage</p>
+    }
     <p>@ViewData["Login"]</p>
     <p>@ViewData["invalid"]</p>
     <p>@ViewData["LoginInvalid"]</p>
diff --git a/SgfDevs/Views/Components/ResetPassword/Default.cshtml b/SgfDevs/Views/Components/ResetPassword/Default.cshtml
@@ -0,0 +1,44 @@
+@inherits Umbraco.Cms.Web.Common.Views.UmbracoViewPage<SGFDevs.Models.ResetPasswordModel>
+
+<div class="container">
+    <div class="form">
+        <header>
+            <h1>Reset your password</h1>
+            <p>Choose a new password for your Springfield Devs account.</p>
+        </header>
+
+        @if (string.IsNullOrWhiteSpace(Model.MemberId) || string.IsNullOrWhiteSpace(Model.Token))
+        {
+            <p>This reset link is invalid or has expired.</p>
+            <p><a href="/forgotten-password">Request a new reset link</a></p>
+        }
+        else
+        {
+            @using (Html.BeginUmbracoForm("ResetPassword", "Account", FormMethod.Post))
+            {
+                @Html.ValidationSummary(true)
+                <input asp-for="MemberId" type="hidden" />
+                <input asp-for="Token" type="hidden" />
+
+                <div class="field">
+                    <label asp-for="Password"></label>
+                    <input asp-for="Password" class="form-control" />
+                    <span asp-validation-for="Password" class="text-danger"></span>
+                </div>
+
+                <div class="field">
+                    <label asp-for="ConfirmPassword"></label>
+                    <input asp-for="ConfirmPassword" class="form-control" />
+                    <span asp-validation-for="ConfirmPassword" class="text-danger"></span>
+                </div>
+
+                <footer>
+                    <button class="button tall wide" type="submit">Update password</button>
+                    <p><a href="/login">Back to login</a></p>
+                </footer>
+            }
+        }
+    </div>
+</div>
+
+<div class="mt_75"></div>
diff --git a/SgfDevs/Views/Components/ResetPassword/ResetPasswordViewComponent.cs b/SgfDevs/Views/Components/ResetPassword/ResetPasswordViewComponent.cs
@@ -0,0 +1,16 @@
+using Microsoft.AspNetCore.Mvc;
+using SGFDevs.Models;
+
+namespace SGFDevs.Views.Components.ResetPassword;
+
+public class ResetPasswordViewComponent : ViewComponent
+{
+    public IViewComponentResult Invoke(string memberId, string token)
+    {
+        return View(new ResetPasswordModel
+        {
+            MemberId = memberId,
+            Token = token,
+        });
+    }
+}
diff --git a/SgfDevs/Views/ResetPassword.cshtml b/SgfDevs/Views/ResetPassword.cshtml
@@ -0,0 +1,25 @@
+﻿@using Umbraco.Cms.Web.Common.PublishedModels;
+@inherits Umbraco.Cms.Web.Common.Views.UmbracoViewPage<ContentModels.ResetPassword>
+@using ContentModels = Umbraco.Cms.Web.Common.PublishedModels;
+
+@{
+    var memberId = Context.Request.Query["memberId"].ToString();
+    var token = Context.Request.Query["token"].ToString();
+}
+
+@section Head
+{
+    <style>
+        .validation-summary-errors {
+            color: red;
+            font-weight: bold;
+        }
+    </style>
+}
+
+@section Scripts {
+    <script src="https://ajax.aspnetcdn.com/ajax/jquery.validate/1.16.0/jquery.validate.min.js"></script>
+    <script src="https://ajax.aspnetcdn.com/ajax/jquery.validation.unobtrusive/3.2.6/jquery.validate.unobtrusive.min.js"></script>
+}
+
+@await Component.InvokeAsync("ResetPassword", new { memberId, token })
