Merge pull request #1016 from hpcc-systems/yadhap/expired-password-flow

Yadhap/expired password flow

Author: FancMa01

Tombolo/client-reactjs/src/components/login/ExpiredPassword.jsx

@@ -0,0 +1,113 @@
+// Imports from Library
+import React, { useState } from 'react';
+import { Button } from 'antd';
+import { CheckCircleFilled, CloseCircleFilled } from '@ant-design/icons';
+
+// Local Imports
+import { requestPasswordReset } from './utils';
+
+function ExpiredPassword({ email }) {
+  const [resetting, setResetting] = useState(false);
+  const [resetSuccess, setResetSuccess] = useState(false);
+  const [successMessage, setSuccessMessage] = useState('');
+  const [resetError, setResetError] = useState(false);
+
+  const passwordExpiredMessage = (
+    <div>
+      <span style={{ fontSize: '1.5rem', fontWeight: '700', color: 'var(--danger)' }}>Password Expired !</span>
+      <div>
+        Your password has expired because it was not changed within the required reset period or you have not logged in
+        for more than 90 days. To regain access to the application, please click the button below to request a password
+        reset.
+      </div>
+    </div>
+  );
+
+  // Success message
+  const SuccessMessage = (
+    <div>
+      <div
+        style={{
+          display: 'flex',
+          justifyContent: 'center',
+          alignItems: 'center',
+          gap: '1rem',
+          color: 'var(--success)',
+          fontSize: '1.5rem',
+          fontWeight: '700',
+        }}>
+        <CheckCircleFilled /> {successMessage}
+      </div>
+      <div style={{ fontSize: '1rem' }}>
+        Your password reset request has been submitted. An administrator will review your request and take the necessary
+        action.
+      </div>
+      <div>
+        {/* Go back to login Button */}
+        <Button color="primary" type="primary" href="/login">
+          Back to Login
+        </Button>
+      </div>
+    </div>
+  );
+
+  // Failure message
+  const ErrorMessage = (
+    <div>
+      <div
+        style={{
+          display: 'flex',
+          justifyContent: 'center',
+          alignItems: 'center',
+          gap: '1rem',
+          color: 'var(--danger)',
+          fontSize: '1.5rem',
+          fontWeight: '700',
+        }}>
+        <CloseCircleFilled /> Error Submitting Request
+      </div>
+      <div style={{ fontSize: '1rem' }}>
+        There was an error submitting your password reset request. Please try again or contact your system
+        administrator.
+      </div>
+    </div>
+  );
+
+  // Render message based on reset status
+  const renderMessage = {
+    resetSuccess: SuccessMessage,
+    resetError: ErrorMessage,
+    passwordExpiredMessage,
+  };
+
+  // Handle reset password button click
+  const handleResetPassword = async () => {
+    try {
+      setResetting(true);
+      const response = await requestPasswordReset({ email });
+      setSuccessMessage(response.message);
+      setResetting(false);
+      setResetSuccess(true);
+    } catch (err) {
+      setResetError(true);
+      setResetting(false);
+    }
+  };
+
+  //JSX
+  return (
+    <div style={{ display: 'flex', flexDirection: 'column', textAlign: 'center', alignItems: 'center', gap: '1rem' }}>
+      {resetSuccess && renderMessage.resetSuccess}
+      {resetError && renderMessage.resetError}
+      {!resetSuccess && !resetError && renderMessage.passwordExpiredMessage}
+
+      {resetSuccess || (
+        <Button color="primary" onClick={handleResetPassword} type="primary">
+          {resetting ? 'Requesting Password Reset' : 'Request Password Reset'}
+        </Button>
+      )}
+    </div>
+  );
+}
+
+export default ExpiredPassword;

Tombolo/client-reactjs/src/components/login/login.js

@@ -5,9 +5,11 @@ import { getDeviceInfo } from './utils';
 import { authActions } from '../../redux/actions/Auth';
 import { Constants } from '../common/Constants';
 import UnverifiedUser from './UnverifiedUser';
+import ExpiredPassword from './ExpiredPassword';
 
 const Login = () => {
   const [unverifiedUserLoginAttempt, setUnverifiedUserLoginAttempt] = useState(false);
+  const [expiredPassword, setExpiredPassword] = useState(false);
   const [loading, setLoading] = useState(false);
   const [azureLoginAttempted, setAzureLoginAttempted] = useState(false);
   const [email, setEmail] = useState(null);
@@ -29,6 +31,12 @@ const Login = () => {
       return;
     }
 
+    if (test?.type === 'password-expired') {
+      // window.location.href = '/expired-password';
+      setExpiredPassword(true);
+      return;
+    }
+
     if (test?.type === Constants.LOGIN_SUCCESS) {
       //reload page if login is succesful
       window.location.href = '/';
@@ -105,9 +113,11 @@ const Login = () => {
 
   return (
     <>
-      {unverifiedUserLoginAttempt ? (
+      {unverifiedUserLoginAttempt && (
         <UnverifiedUser setUnverifiedUserLoginAttempt={setUnverifiedUserLoginAttempt} email={email} />
-      ) : (
+      )}
+      {expiredPassword && <ExpiredPassword email={email} />}
+      {!unverifiedUserLoginAttempt && !expiredPassword && (
         <>
           <Form onFinish={onFinish} layout="vertical">
             {loading && (

Tombolo/client-reactjs/src/components/login/utils.js

@@ -85,3 +85,24 @@ export const resendVerificationCode = async (email) => {
 
   return responseJson;
 };
+
+// Make post request to request a password reset
+export const requestPasswordReset = async ({ email }) => {
+  const payload = {
+    method: 'POST',
+    headers: authHeader(),
+    body: JSON.stringify({ email }),
+  };
+
+  const response = await fetch('/api/auth/requestPasswordReset', payload);
+
+  // Get the data from the response
+  const responseJson = await response.json();
+
+  // Check if the response is ok
+  if (!response.ok) {
+    throw new Error(responseJson.message);
+  }
+
+  return responseJson;
+};

Tombolo/client-reactjs/src/redux/actions/Auth.js

@@ -14,7 +14,12 @@ async function login({ email, password, deviceInfo }) {
   clearStorage();
   const user = await loginBasicUserFunc(email, password, deviceInfo);
 
-  if (user && user?.message === 'unverified') {
+  if (user && user?.message === 'password-expired') {
+    return {
+      type: 'password-expired',
+      payload: null,
+    };
+  } else if (user && user?.message === 'unverified') {
     return {
       type: 'unverified',
       payload: null,
@@ -107,7 +112,9 @@ const loginBasicUserFunc = async (email, password, deviceInfo) => {
   const data = await response.json();
 
   if (response.status === 401) {
-    if (data.message === 'unverified') {
+    if (data.message === 'password-expired') {
+      return data;
+    } else if (data.message === 'unverified') {
       return data;
     } else {
       message.error(data.message);