@salesforce/webapp-template-feature-react-authentication-experimental 1.18.0 → 1.19.0

package/dist/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.19.0](https://github.com/salesforce-experience-platform-emu/webapps/compare/v1.18.0...v1.19.0) (2026-02-10)
+
+**Note:** Version bump only for package @salesforce/webapp-template-base-sfdx-project-experimental
+
+
+
+
+
 # [1.18.0](https://github.com/salesforce-experience-platform-emu/webapps/compare/v1.17.1...v1.18.0) (2026-02-10)
 
 **Note:** Version bump only for package @salesforce/webapp-template-base-sfdx-project-experimental

package/dist/force-app/main/default/classes/WebAppChangePassword.cls

@@ -32,12 +32,12 @@ global with sharing class WebAppChangePassword {
             // System.SecurityException is a user error but treat others as system errors
             if (ex instanceof System.SecurityException) {
                 RestContext.response.statusCode = 400;
-                return new ErrorPasswordChangeResponse(ex.getMessage());     
+                return new ErrorPasswordChangeResponse(ex.getMessage());
             }
 
             // Logs are only captured if a Trace Flag is active for the user
             WebAppAuthUtils.debugLog(ex, LoggingLevel.ERROR);
-            
+
             RestContext.response.statusCode = 500;
             return new ErrorPasswordChangeResponse('Password change failed');
         }
@@ -47,7 +47,7 @@ global with sharing class WebAppChangePassword {
     global abstract class PasswordChangeResponse {
         
         /** Success or failure of the password change operation */
-        private Boolean success;
+        protected final Boolean success;
     }
 
     /** Success response for password change. */
@@ -63,7 +63,7 @@ global with sharing class WebAppChangePassword {
     global class ErrorPasswordChangeResponse extends PasswordChangeResponse {
 
         /** Error message describing the failure reason */
-        private String error;
+        private final String error;
         
         /**
          * Constructs an error response with the specified error message.

package/dist/force-app/main/default/classes/WebAppForgotPassword.cls

@@ -0,0 +1,71 @@
+/**
+ * REST endpoint for Web Applications forgot password functionality.
+ *
+ * Endpoint: POST /services/apexrest/auth/forgot-password
+ *
+ * Sends a password reset email to the user's registered email address.
+ */
+@RestResource(urlMapping='/auth/forgot-password')
+global with sharing class WebAppForgotPassword {
+
+    /**
+     * Initiates the forgot password process by sending a reset email.
+     * @param email User's email address (used as username).
+     * @return ForgotPasswordResponse with success status or error message.
+     */
+    @HttpPost
+    global static ForgotPasswordResponse forgotPassword(String username) {
+        try {
+            username = username.trim().toLowerCase();
+
+            if (String.isBlank(username)) {
+                RestContext.response.statusCode = 400;
+                return new ErrorForgotPasswordResponse('Username is required.');
+            }
+            
+            // [Dev Note] This will send a password reset link to the user's email address
+            // if the username exists.
+            Site.forgotPassword(username);
+
+            return new SuccessForgotPasswordResponse();
+        } catch (Exception ex) {
+            // Logs are only captured if a Trace Flag is active for the user
+            WebAppAuthUtils.debugLog(ex, LoggingLevel.ERROR);
+
+            RestContext.response.statusCode = 500;
+            return new ErrorForgotPasswordResponse('Could not send password reset link.');
+        }
+    }
+
+    /** Base response class for forgot password operations. */
+    global abstract class ForgotPasswordResponse {
+    
+        /** Success or failure of the forgot password operation */
+        protected final Boolean success;
+    }
+
+    /** Success response for forgot password. */
+    global class SuccessForgotPasswordResponse extends ForgotPasswordResponse {
+
+        /** Constructs a success response. */
+        private SuccessForgotPasswordResponse() {
+            this.success = true;
+        }
+    }
+
+    /** Error response for forgot password. */
+    global class ErrorForgotPasswordResponse extends ForgotPasswordResponse {
+
+        /** Error message describing the failure reason */
+        private final String error;
+        
+        /**
+         * Constructs an error response with the specified error message.
+         * @param error The error message to return to the client.
+         */
+        private ErrorForgotPasswordResponse(String error) {
+            this.success = false;
+            this.error = error;
+        }
+    }
+}

package/dist/force-app/main/default/classes/WebAppForgotPassword.cls-meta.xml

@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ApexClass xmlns="http://soap.sforce.com/2006/04/metadata">
+    <apiVersion>66.0</apiVersion>
+    <status>Active</status>
+</ApexClass>

package/dist/force-app/main/default/webapplications/feature-react-authentication/src/pages/ForgotPassword.tsx

@@ -24,7 +24,7 @@ export default function ForgotPassword() {
 			try {
 				// [Dev Note] Custom Apex Endpoint: /auth/forgot-password
 				// You must ensure this Apex class exists in your org
-				const response = await baseClient.post("/services/apexrest/auth/forgot-password", {
+				const response = await baseClient.post("/sfdcapi/services/apexrest/auth/forgot-password", {
 					username: value.username.trim(),
 				});
 				await handleApiResponse(response, "Failed to send reset link");
@@ -47,7 +47,7 @@ export default function ForgotPassword() {
 						success &&
 						"If that username exists in our system, you will receive a reset link shortly."
 					}
-					submit={{ text: "Send Reset Link", loadingText: "Sending…" }}
+					submit={{ text: "Send Reset Link", loadingText: "Sending…", disabled: success }}
 					footer={{ text: "Remember your password?", link: ROUTES.LOGIN.PATH, linkText: "Sign in" }}
 				>
 					<form.AppField name="username">

package/dist/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@salesforce/webapp-template-base-sfdx-project-experimental",
-  "version": "1.18.0",
+  "version": "1.19.0",
   "description": "Base SFDX project template",
   "private": true,
   "files": [

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@salesforce/webapp-template-feature-react-authentication-experimental",
-  "version": "1.18.0",
+  "version": "1.19.0",
   "description": "Authentication feature for web applications",
   "license": "SEE LICENSE IN LICENSE.txt",
   "author": "",
@@ -19,7 +19,7 @@
     "watch": "npx tsx ../../cli/src/index.ts watch-patches packages/template/feature/feature-react-authentication packages/template/base-app/base-react-app packages/template/feature/feature-react-authentication/dist"
   },
   "devDependencies": {
-    "@salesforce/webapp-experimental": "^1.18.0",
+    "@salesforce/webapp-experimental": "^1.19.0",
     "@tanstack/react-form": "^1.27.7",
     "@types/react": "^19.2.7",
     "@types/react-dom": "^19.2.3",
@@ -27,5 +27,5 @@
     "react-router": "^7.10.1",
     "vite": "^7.3.1"
   },
-  "gitHead": "0124175b10a8edfef2ce151e694518162b0cea68"
+  "gitHead": "c1f95d9a5be696497de6f79a6d293b8605fc860a"
 }