npm - @seaverse/auth-sdk - Versions diffs - 0.2.2 → 0.2.4 - Mend

@seaverse/auth-sdk 0.2.2 → 0.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md CHANGED Viewed

@@ -94,8 +94,17 @@ const registerResult = await client.register({
   password: 'SecurePassword123',
   username: 'johndoe',              // 可选，未提供则从邮箱自动生成
   invitation_code: 'INVITE123',     // 可选
+  frontend_url: 'https://mygame.com/verify',  // 可选，邮箱验证链接的前端URL，默认为 window.location.origin
 });
+// 检查注册结果
+if (registerResult.success) {
+  console.log('注册成功:', registerResult);
+} else if (registerResult.code === 'ACCOUNT_EXISTS') {
+  console.log('账户已存在，请直接登录');
+  console.log('错误详情:', registerResult.details);
+}
 // 登录
 const loginResult = await client.login({
   email: 'user@example.com',
@@ -117,6 +126,7 @@ await client.logout();
 // 忘记密码
 await client.forgotPassword({
   email: 'user@example.com',
+  frontend_url: 'https://mygame.com/',  // 可选，默认为 window.location.origin
 });
 // 重置密码
@@ -262,6 +272,34 @@ authModal.hide();
 authModal.destroy();
 ```
+#### 重置密码流程
+AuthModal 支持完整的密码重置流程：
+1. **用户触发忘记密码**：在登录界面点击 "Forgot Password?" 链接
+2. **发送重置邮件**：输入邮箱后，系统发送带有 `verify_token` 的重置链接
+3. **自动唤起重置弹窗**：用户点击邮件中的链接返回网站时，AuthModal 会自动检测 URL 中的 `verify_token` 参数并显示重置密码表单
+4. **设置新密码**：用户输入并确认新密码后提交
+5. **自动清理 URL**：重置成功后自动清除 URL 中的 `verify_token` 参数
+整个流程无需额外代码，AuthModal 会自动处理：
+```typescript
+// 1. 初始化 AuthModal（只需一次）
+const authModal = new AuthModal({
+  client,
+  // ... 其他配置
+});
+// 2. 用户点击邮件中的重置链接后，AuthModal 会自动：
+//    - 检测 URL 中的 ?verify_token=xxx 参数
+//    - 显示重置密码表单
+//    - 用户提交新密码
+//    - 调用 client.resetPassword() API
+//    - 清理 URL 中的 verify_token 参数
+//    - 显示成功消息
+```
 #### OAuth 配置说明
 `enableOAuth` 参数是**完全可选的**：
@@ -511,11 +549,11 @@ SDK支持以下环境：
 | 方法 | 参数 | 返回值 | 说明 |
 |------|------|--------|------|
-| `register()` | `{ email, password, username?, invitation_code? }` | `RegisterResponse` | 注册新用户 |
+| `register()` | `{ email, password, username?, invitation_code?, frontend_url? }` | `RegisterResponse` | 注册新用户，frontend_url 为邮箱验证链接的前端URL，默认为 window.location.origin |
 | `login()` | `{ email, password }` | `LoginResponse` | 用户登录 |
 | `getCurrentUser()` | - | `User` | 获取当前用户 |
 | `logout()` | - | `SuccessResponse` | 登出 |
-| `forgotPassword()` | `{ email }` | `SuccessResponse` | 忘记密码 |
+| `forgotPassword()` | `{ email, frontend_url? }` | `SuccessResponse` | 忘记密码，frontend_url 默认为 window.location.origin |
 | `resetPassword()` | `{ token, new_password }` | `SuccessResponse` | 重置密码 |
 | `setToken()` | `token: string` | `void` | 设置认证 token（OAuth 登录后使用） |
 | `getApiServiceToken()` | - | `ApiServiceTokenResponse` | 获取API Token |
@@ -560,6 +598,222 @@ SDK支持以下环境：
 | `getConversationStatus()` | `{ conversationId }` | `ConversationStatusResponse` | 获取对话状态 |
 | `getSpeechToken()` | - | `SpeechTokenResponse` | 获取语音Token |
+## 错误处理
+### 错误响应格式
+所有 API 错误都遵循统一的响应格式:
+```typescript
+interface ApiError {
+  success: false;           // 错误时始终为 false
+  error: string;            // 人类可读的错误消息
+  code?: string;            // 机器可读的错误码
+  details?: any;            // 额外的错误详情
+}
+```
+### 错误码
+SDK 提供了标准的错误码枚举:
+```typescript
+import { ErrorCode } from '@seaverse/auth-sdk';
+// 账户相关错误
+ErrorCode.ACCOUNT_EXISTS         // 账户已存在
+ErrorCode.ACCOUNT_NOT_FOUND      // 账户不存在
+ErrorCode.ACCOUNT_SUSPENDED      // 账户已被暂停
+ErrorCode.INVALID_CREDENTIALS    // 登录凭证无效
+ErrorCode.EMAIL_NOT_VERIFIED     // 邮箱未验证
+// 验证相关错误
+ErrorCode.INVALID_EMAIL          // 无效的邮箱地址
+ErrorCode.INVALID_PASSWORD       // 无效的密码
+ErrorCode.PASSWORD_TOO_WEAK      // 密码强度不够
+// 邀请码相关错误
+ErrorCode.INVALID_INVITATION_CODE // 无效的邀请码
+ErrorCode.INVITATION_REQUIRED     // 需要邀请码
+// Token 相关错误
+ErrorCode.INVALID_TOKEN          // 无效的 token
+ErrorCode.TOKEN_EXPIRED          // Token 已过期
+// 内部错误
+ErrorCode.INTERNAL_ERROR         // 服务器内部错误
+```
+### 错误处理最佳实践
+#### 1. 注册时处理重复用户
+由于后端在账户已存在时返回 200 OK（成功响应），所以前端不会抛出异常，而是在响应体中包含错误信息。
+```typescript
+import { ErrorCode } from '@seaverse/auth-sdk';
+const result = await client.register({
+  email: 'user@example.com',
+  password: 'password123',
+});
+// 检查响应中的 success 字段
+if (result.success) {
+  console.log('注册成功:', result);
+  // 进行后续操作，如自动登录
+} else if (result.code === ErrorCode.ACCOUNT_EXISTS) {
+  // 账户已存在，提示用户
+  const { email, app_id } = result.details;
+  console.log(`账户 ${email} 已存在于应用 ${app_id} 中`);
+  // 显示友好的提示信息
+  alert('This email is already registered. Please login instead.');
+  // 或者引导用户去登录
+  showLoginModal();
+} else {
+  // 处理其他错误
+  console.error('注册失败:', result.error);
+}
+```
+#### 2. 登录时处理各种错误
+```typescript
+try {
+  const result = await client.login({
+    email: 'user@example.com',
+    password: 'wrong-password',
+  });
+  console.log('登录成功:', result);
+} catch (error) {
+  const errorCode = error.response?.data?.code;
+  switch (errorCode) {
+    case ErrorCode.INVALID_CREDENTIALS:
+      showError('用户名或密码错误');
+      break;
+    case ErrorCode.EMAIL_NOT_VERIFIED:
+      showError('请先验证您的邮箱');
+      showResendVerificationButton();
+      break;
+    case ErrorCode.ACCOUNT_SUSPENDED:
+      showError('您的账户已被暂停，请联系管理员');
+      break;
+    default:
+      showError('登录失败，请稍后重试');
+  }
+}
+```
+#### 3. 通用错误处理函数
+```typescript
+import { ErrorCode } from '@seaverse/auth-sdk';
+function handleApiError(error: any) {
+  const apiError = error.response?.data;
+  if (!apiError) {
+    // 网络错误或其他未知错误
+    return {
+      title: '网络错误',
+      message: '请检查您的网络连接',
+    };
+  }
+  // 根据错误码返回用户友好的消息
+  const errorMessages: Record<string, { title: string; message: string }> = {
+    [ErrorCode.ACCOUNT_EXISTS]: {
+      title: '账户已存在',
+      message: '该邮箱已注册，请直接登录',
+    },
+    [ErrorCode.INVALID_CREDENTIALS]: {
+      title: '登录失败',
+      message: '用户名或密码错误',
+    },
+    [ErrorCode.EMAIL_NOT_VERIFIED]: {
+      title: '邮箱未验证',
+      message: '请先验证您的邮箱地址',
+    },
+    [ErrorCode.INVALID_INVITATION_CODE]: {
+      title: '邀请码无效',
+      message: '请检查您的邀请码是否正确',
+    },
+    [ErrorCode.TOKEN_EXPIRED]: {
+      title: '登录已过期',
+      message: '请重新登录',
+    },
+  };
+  return errorMessages[apiError.code] || {
+    title: '操作失败',
+    message: apiError.error || '发生未知错误',
+  };
+}
+// 使用示例
+try {
+  await client.register({ email, password });
+} catch (error) {
+  const { title, message } = handleApiError(error);
+  showNotification(title, message);
+}
+```
+#### 4. TypeScript 类型安全的错误处理
+```typescript
+import { ErrorCode, models } from '@seaverse/auth-sdk';
+async function safeRegister(email: string, password: string) {
+  // Register API now returns 200 OK for both success and account exists cases
+  const result = await client.register({ email, password });
+  if (result.success) {
+    return {
+      success: true,
+      data: result,
+    };
+  } else if (result.code === ErrorCode.ACCOUNT_EXISTS) {
+    // TypeScript knows the type of details
+    const details = result.details as models.AccountExistsErrorDetails;
+    return {
+      success: false,
+      error: 'ACCOUNT_EXISTS',
+      email: details.email,
+      appId: details.app_id,
+    };
+  } else {
+    return {
+      success: false,
+      error: result.error || 'Unknown error',
+    };
+  }
+}
+// Usage
+const registerResult = await safeRegister('user@example.com', 'password123');
+if (registerResult.success) {
+  console.log('Registration successful');
+} else if (registerResult.error === 'ACCOUNT_EXISTS') {
+  console.log(`Account already exists: ${registerResult.email}`);
+}
+```
+### HTTP 状态码对照
+| HTTP状态码 | 错误码示例 | 说明 |
+|-----------|----------|------|
+| 200 OK | `ACCOUNT_EXISTS` | 账户已存在（业务错误但返回成功响应） |
+| 400 Bad Request | `INVALID_EMAIL`, `PASSWORD_TOO_WEAK` | 请求参数无效 |
+| 401 Unauthorized | `INVALID_CREDENTIALS`, `TOKEN_EXPIRED` | 认证失败 |
+| 403 Forbidden | `EMAIL_NOT_VERIFIED`, `ACCOUNT_SUSPENDED` | 权限不足 |
+| 500 Internal Server Error | `INTERNAL_ERROR` | 服务器内部错误 |
+**注意**：对于注册接口，账户已存在的情况会返回 200 OK，但在响应体中 `success: false` 和 `code: "ACCOUNT_EXISTS"`。这样设计是为了前端能够更容易地处理这种常见的业务场景。
 ## 类型定义
 ```typescript

package/dist/index.cjs CHANGED Viewed

@@ -1136,9 +1136,37 @@ function resolveBaseURL(options) {
  * Type definitions for SeaVerse Dispatcher API
  * Generated from auth.yaml OpenAPI specification
  */
+// ============================================================================
+// Error Types
+// ============================================================================
+/**
+ * Error codes for authentication system
+ */
+exports.ErrorCode = void 0;
+(function (ErrorCode) {
+    // Account errors
+    ErrorCode["ACCOUNT_EXISTS"] = "ACCOUNT_EXISTS";
+    ErrorCode["ACCOUNT_NOT_FOUND"] = "ACCOUNT_NOT_FOUND";
+    ErrorCode["ACCOUNT_SUSPENDED"] = "ACCOUNT_SUSPENDED";
+    ErrorCode["INVALID_CREDENTIALS"] = "INVALID_CREDENTIALS";
+    ErrorCode["EMAIL_NOT_VERIFIED"] = "EMAIL_NOT_VERIFIED";
+    // Validation errors
+    ErrorCode["INVALID_EMAIL"] = "INVALID_EMAIL";
+    ErrorCode["INVALID_PASSWORD"] = "INVALID_PASSWORD";
+    ErrorCode["PASSWORD_TOO_WEAK"] = "PASSWORD_TOO_WEAK";
+    // Invitation errors
+    ErrorCode["INVALID_INVITATION_CODE"] = "INVALID_INVITATION_CODE";
+    ErrorCode["INVITATION_REQUIRED"] = "INVITATION_REQUIRED";
+    // Token errors
+    ErrorCode["INVALID_TOKEN"] = "INVALID_TOKEN";
+    ErrorCode["TOKEN_EXPIRED"] = "TOKEN_EXPIRED";
+    // Internal errors
+    ErrorCode["INTERNAL_ERROR"] = "INTERNAL_ERROR";
+})(exports.ErrorCode || (exports.ErrorCode = {}));
 var models = /*#__PURE__*/Object.freeze({
-    __proto__: null
+    __proto__: null,
+    get ErrorCode () { return exports.ErrorCode; }
 });
 /**
@@ -1276,10 +1304,12 @@ class SeaVerseBackendAPIClient {
      * Register a new user with email verification
      */
     async register(data, options) {
+        // 如果没有传 frontend_url，使用当前页面地址
+        const frontend_url = data.frontend_url || (typeof window !== 'undefined' ? window.location.origin : '');
         const config = {
             method: 'POST',
             url: `/sdk/v1/auth/register`,
-            data,
+            data: { ...data, frontend_url },
             headers: {
                 'X-Operation-Id': 'register',
                 ...options?.headers,
@@ -1346,10 +1376,12 @@ class SeaVerseBackendAPIClient {
      * Send password reset email
      */
     async forgotPassword(data, options) {
+        // 如果没有传 frontend_url，使用当前页面地址
+        const frontend_url = data.frontend_url || (typeof window !== 'undefined' ? window.location.origin : '');
         const config = {
             method: 'POST',
             url: `/sdk/v1/auth/forgot-password`,
-            data,
+            data: { ...data, frontend_url },
             headers: {
                 'X-Operation-Id': 'forgotPassword',
                 ...options?.headers,
@@ -1786,8 +1818,11 @@ class AuthModal {
     constructor(options) {
         this.modal = null;
         this.currentView = 'login';
+        this.resetToken = null;
         this.client = options.client;
         this.options = options;
+        // Auto-detect reset token in URL
+        this.checkForResetToken();
     }
     /**
      * Show the authentication modal
@@ -1895,6 +1930,9 @@ class AuthModal {
         // Forgot password form
         const forgotForm = this.createForgotPasswordForm();
         rightPanel.appendChild(forgotForm);
+        // Reset password form
+        const resetForm = this.createResetPasswordForm();
+        rightPanel.appendChild(resetForm);
         // Success message
         const successMessage = this.createSuccessMessage();
         rightPanel.appendChild(successMessage);
@@ -2148,6 +2186,86 @@ class AuthModal {
         container.appendChild(footer);
         return container;
     }
+    createResetPasswordForm() {
+        const container = document.createElement('div');
+        container.id = 'resetPasswordForm';
+        container.className = 'auth-form-view hidden';
+        // Icon
+        const icon = document.createElement('div');
+        icon.className = 'forgot-password-icon';
+        const iconContent = '<div class="icon-glow"></div><svg class="icon-lock" width="56" height="56" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round"><rect x="3" y="11" width="18" height="11" rx="2" ry="2"/><path class="lock-shackle" d="M7 11V7a5 5 0 0 1 10 0v4"/><circle class="lock-keyhole" cx="12" cy="16" r="1.5"/></svg>';
+        icon.innerHTML = iconContent;
+        container.appendChild(icon);
+        // Header
+        const header = document.createElement('div');
+        header.className = 'auth-form-header';
+        const title = document.createElement('h2');
+        title.className = 'auth-form-title';
+        title.textContent = 'Set New Password';
+        const subtitle = document.createElement('p');
+        subtitle.className = 'auth-form-subtitle';
+        subtitle.textContent = 'Enter your new password below';
+        header.appendChild(title);
+        header.appendChild(subtitle);
+        container.appendChild(header);
+        // Form
+        const form = document.createElement('form');
+        form.id = 'resetPasswordFormElement';
+        form.className = 'auth-form';
+        // New password field
+        const passwordGroup = document.createElement('div');
+        passwordGroup.className = 'form-group';
+        const passwordLabel = document.createElement('label');
+        passwordLabel.htmlFor = 'newPassword';
+        passwordLabel.className = 'form-label';
+        passwordLabel.textContent = 'New Password';
+        passwordGroup.appendChild(passwordLabel);
+        const passwordInputWrapper = this.createPasswordInput('newPassword', 'Enter new password');
+        passwordGroup.appendChild(passwordInputWrapper);
+        const strengthText = document.createElement('p');
+        strengthText.className = 'strength-text';
+        strengthText.textContent = 'Use 8+ characters with mix of letters, numbers & symbols';
+        passwordGroup.appendChild(strengthText);
+        form.appendChild(passwordGroup);
+        // Confirm password field
+        const confirmGroup = document.createElement('div');
+        confirmGroup.className = 'form-group';
+        const confirmLabel = document.createElement('label');
+        confirmLabel.htmlFor = 'newPasswordConfirm';
+        confirmLabel.className = 'form-label';
+        confirmLabel.textContent = 'Confirm New Password';
+        confirmGroup.appendChild(confirmLabel);
+        const confirmInputWrapper = this.createPasswordInput('newPasswordConfirm', 'Confirm new password');
+        confirmGroup.appendChild(confirmInputWrapper);
+        form.appendChild(confirmGroup);
+        const submitBtn = document.createElement('button');
+        submitBtn.type = 'submit';
+        submitBtn.id = 'resetPasswordButton';
+        submitBtn.className = 'btn-auth-primary btn-forgot-password';
+        const btnText = document.createElement('span');
+        btnText.className = 'btn-text';
+        btnText.textContent = 'Reset Password';
+        const btnLoader = document.createElement('span');
+        btnLoader.className = 'btn-loader hidden';
+        const spinnerSVG = '<svg class="spinner" viewBox="0 0 24 24"><circle class="spinner-track" cx="12" cy="12" r="10"></circle><circle class="spinner-circle" cx="12" cy="12" r="10"></circle></svg>';
+        btnLoader.innerHTML = spinnerSVG;
+        submitBtn.appendChild(btnText);
+        submitBtn.appendChild(btnLoader);
+        form.appendChild(submitBtn);
+        container.appendChild(form);
+        // Footer
+        const footer = document.createElement('div');
+        footer.className = 'auth-footer forgot-footer';
+        const backLink = document.createElement('a');
+        backLink.href = '#';
+        backLink.id = 'backToLoginFromReset';
+        backLink.className = 'back-to-login';
+        const backLinkHTML = '<svg width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M19 12H5M12 19l-7-7 7-7"/></svg><span>Back to Sign In</span>';
+        backLink.innerHTML = backLinkHTML;
+        footer.appendChild(backLink);
+        container.appendChild(footer);
+        return container;
+    }
     createSuccessMessage() {
         const container = document.createElement('div');
         container.id = 'authMessage';
@@ -2237,6 +2355,20 @@ class AuthModal {
         button.appendChild(span);
         return button;
     }
+    /**
+     * Check if URL contains reset token and auto-show reset password form
+     */
+    checkForResetToken() {
+        const urlParams = new URLSearchParams(window.location.search);
+        const verifyToken = urlParams.get('verify_token');
+        if (verifyToken) {
+            this.resetToken = verifyToken;
+            // Auto-show modal with reset password form
+            setTimeout(() => {
+                this.show('reset-password');
+            }, 100);
+        }
+    }
     bindEventListeners() {
         if (!this.modal)
             return;
@@ -2267,6 +2399,11 @@ class AuthModal {
             e.preventDefault();
             this.switchView('login');
         });
+        const backToLoginFromReset = this.modal.querySelector('#backToLoginFromReset');
+        backToLoginFromReset?.addEventListener('click', (e) => {
+            e.preventDefault();
+            this.switchView('login');
+        });
         // Password toggle
         const passwordToggles = this.modal.querySelectorAll('.toggle-password');
         passwordToggles.forEach((toggle) => {
@@ -2297,6 +2434,8 @@ class AuthModal {
         signupForm?.addEventListener('submit', (e) => this.handleSignup(e));
         const forgotForm = this.modal.querySelector('#forgotPasswordFormElement');
         forgotForm?.addEventListener('submit', (e) => this.handleForgotPassword(e));
+        const resetPasswordForm = this.modal.querySelector('#resetPasswordFormElement');
+        resetPasswordForm?.addEventListener('submit', (e) => this.handleResetPassword(e));
         // OAuth social login buttons
         this.bindSocialLoginButtons();
     }
@@ -2343,7 +2482,7 @@ class AuthModal {
     switchView(view) {
         if (!this.modal)
             return;
-        const views = ['loginForm', 'signupForm', 'forgotPasswordForm', 'authMessage'];
+        const views = ['loginForm', 'signupForm', 'forgotPasswordForm', 'resetPasswordForm', 'authMessage'];
         views.forEach((viewId) => {
             const element = this.modal.querySelector(`#${viewId}`);
             element?.classList.add('hidden');
@@ -2352,6 +2491,7 @@ class AuthModal {
             login: 'loginForm',
             signup: 'signupForm',
             forgot: 'forgotPasswordForm',
+            'reset-password': 'resetPasswordForm',
             message: 'authMessage',
         };
         const targetView = this.modal.querySelector(`#${viewMap[view]}`);
@@ -2444,13 +2584,22 @@ class AuthModal {
                     this.showMessage('Account Created', response.message || 'Your account has been created successfully!');
                 }
             }
+            else if (response.code === exports.ErrorCode.ACCOUNT_EXISTS) {
+                // Handle account already exists error
+                this.showMessage('Account Already Exists', 'This email is already registered. Please login instead.');
+            }
             else {
-                throw new Error('Registration failed');
+                throw new Error(response.error || 'Registration failed');
             }
         }
         catch (error) {
-            // Handle error
-            const errorMessage = error instanceof Error ? error.message : 'Signup failed';
+            // Handle HTTP errors
+            if (error.response?.data?.code === exports.ErrorCode.ACCOUNT_EXISTS) {
+                this.showMessage('Account Already Exists', 'This email is already registered. Please login instead.');
+                return;
+            }
+            // Handle other errors
+            const errorMessage = error.response?.data?.error || error.message || 'Signup failed';
             this.showError(errorMessage);
             if (this.options.onError) {
                 this.options.onError(error);
@@ -2473,8 +2622,8 @@ class AuthModal {
         try {
             // Show loading state
             submitBtn.disabled = true;
-            // TODO: Call forgot password API when available
-            // await this.client.postapiauthforgotpassword({ email });
+            // Call forgot password API
+            await this.client.forgotPassword({ email });
             // Show success message
             this.showMessage('Reset Link Sent', `We've sent a password reset link to ${email}`);
         }
@@ -2491,6 +2640,61 @@ class AuthModal {
             submitBtn.disabled = false;
         }
     }
+    async handleResetPassword(e) {
+        e.preventDefault();
+        const passwordInput = this.modal?.querySelector('#newPassword');
+        const passwordConfirmInput = this.modal?.querySelector('#newPasswordConfirm');
+        const submitBtn = this.modal?.querySelector('#resetPasswordButton');
+        const btnText = submitBtn?.querySelector('.btn-text');
+        const btnLoader = submitBtn?.querySelector('.btn-loader');
+        if (!passwordInput || !passwordConfirmInput || !submitBtn)
+            return;
+        const newPassword = passwordInput.value;
+        const confirmPassword = passwordConfirmInput.value;
+        // Validate passwords match
+        if (newPassword !== confirmPassword) {
+            this.showError('Passwords do not match');
+            return;
+        }
+        // Validate token exists
+        if (!this.resetToken) {
+            this.showError('Reset token is missing. Please use the link from your email.');
+            return;
+        }
+        try {
+            // Show loading state
+            submitBtn.disabled = true;
+            btnText?.classList.add('hidden');
+            btnLoader?.classList.remove('hidden');
+            // Call reset password API
+            await this.client.resetPassword({
+                token: this.resetToken,
+                new_password: newPassword,
+            });
+            // Clean up URL (remove verify_token from query string)
+            const url = new URL(window.location.href);
+            url.searchParams.delete('verify_token');
+            window.history.replaceState({}, document.title, url.toString());
+            // Clear reset token
+            this.resetToken = null;
+            // Show success message
+            this.showMessage('Password Reset Successful', 'Your password has been updated successfully. You can now log in with your new password.');
+        }
+        catch (error) {
+            // Handle error
+            const errorMessage = error instanceof Error ? error.message : 'Failed to reset password';
+            this.showError(errorMessage);
+            if (this.options.onError) {
+                this.options.onError(error);
+            }
+        }
+        finally {
+            // Reset loading state
+            submitBtn.disabled = false;
+            btnText?.classList.remove('hidden');
+            btnLoader?.classList.add('hidden');
+        }
+    }
     showMessage(title, message) {
         if (!this.modal)
             return;