Pierre-Olivier Mercier
71805cf65c
All checks were successful
continuous-integration/drone/push Build is passing
- Verify reset token before showing the form (GET), redirecting with an error immediately if the token is invalid or expired - Add peekResetToken to check token validity non-destructively - Fix POST form action to include query params so the URL check doesn't silently redirect to /lost before processing errors - Update page title and subtitle to reflect the reset step Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
26 lines
1.3 KiB
HTML
26 lines
1.3 KiB
HTML
{{template "header" .}}
|
|
<h1 class="page-title">Define your new password</h1>
|
|
<p class="page-subtitle">Choose a strong password to secure your account.</p>
|
|
|
|
<form method="post" action="reset?l={{ .login }}&t={{ .token }}">
|
|
{{if .error}}<div class="alert alert-error" role="alert">{{.error}}</div>{{end}}
|
|
<input type="hidden" name="csrf_token" value="{{ .csrf_token }}">
|
|
<div class="form-field">
|
|
<input required="" class="form-control" id="input_0" type="text" placeholder="Email" value="{{ .login }}" disabled="">
|
|
</div>
|
|
<input type="hidden" name="login" value="{{ .login }}">
|
|
<input type="hidden" name="token" value="{{ .token }}">
|
|
<div class="form-field">
|
|
<input autofocus name="newpassword" required="" class="form-control" id="input_2" type="password" placeholder="New password" autocomplete="new-password">
|
|
</div>
|
|
<div class="form-field">
|
|
<input name="new2password" required="" class="form-control" id="input_3" type="password" placeholder="Retype new password" autocomplete="new-password">
|
|
</div>
|
|
<div class="form-field">
|
|
<altcha-widget challengeurl="altcha-challenge"></altcha-widget>
|
|
</div>
|
|
<div class="btn-group">
|
|
<button class="btn btn-primary" type="submit">Reset my password</button>
|
|
</div>
|
|
</form>
|
|
{{template "footer" .}}
|