stem-lab-toolkit 1.0.1 → 1.0.3

package/change-password.html

@@ -0,0 +1,168 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<script>
+(function(){
+  if(sessionStorage.getItem('mm_auth')!=='true'){window.location.replace('./index.html');return;}
+  if(sessionStorage.getItem('mm_force_change')!=='true'){
+    var rank=sessionStorage.getItem('mm_rank');
+    if(rank==='administrator'){window.location.replace('./admin.html');}
+    else if(rank==='admin'){window.location.replace('./control-panel.html');}
+    else{window.location.replace('./browse.html');}
+  }
+})();
+</script>
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>Change Password — MM Games</title>
+<link rel="icon" type="image/png" href="/assets/favicon.png">
+<style>
+  *, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
+  body {
+    min-height: 100dvh;
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    background: #f3f4f6;
+    font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
+    padding: 24px;
+  }
+  .card {
+    background: #fff;
+    border-radius: 16px;
+    padding: 36px 32px 32px;
+    width: 100%;
+    max-width: 380px;
+    box-shadow: 0 4px 24px rgba(0,0,0,.09);
+    border: 1px solid #e5e7eb;
+  }
+  .icon {
+    width: 48px; height: 48px;
+    background: #fef3c7;
+    border-radius: 12px;
+    display: flex; align-items: center; justify-content: center;
+    font-size: 1.4rem;
+    margin-bottom: 16px;
+  }
+  h1 { font-size: 1.15rem; font-weight: 700; color: #111827; margin-bottom: 6px; }
+  .sub { font-size: 0.85rem; color: #6b7280; margin-bottom: 28px; line-height: 1.5; }
+  .field { margin-bottom: 14px; }
+  label {
+    display: block;
+    font-size: 0.78rem; font-weight: 600;
+    color: #6b7280;
+    text-transform: uppercase; letter-spacing: .04em;
+    margin-bottom: 5px;
+  }
+  input {
+    width: 100%;
+    padding: 10px 13px;
+    border: 1.5px solid #e5e7eb;
+    border-radius: 8px;
+    font-size: 0.9rem;
+    outline: none;
+    font-family: inherit;
+    transition: border-color .15s, box-shadow .15s;
+    color: #111827;
+  }
+  input:focus { border-color: #2563eb; box-shadow: 0 0 0 3px rgba(37,99,235,.1); }
+  .msg { font-size: 0.82rem; min-height: 1.2em; margin: 8px 0 4px; }
+  .msg.error { color: #b91c1c; }
+  .msg.ok    { color: #15803d; }
+  .submit {
+    width: 100%;
+    background: #2563eb; color: #fff;
+    border: none; border-radius: 8px;
+    padding: 12px; font-size: 0.9rem; font-weight: 600;
+    cursor: pointer; font-family: inherit;
+    margin-top: 6px; transition: background .15s;
+  }
+  .submit:hover { background: #1d4ed8; }
+  .submit:disabled { opacity: .55; cursor: not-allowed; }
+</style>
+</head>
+<body>
+<div class="card">
+  <div class="icon">&#128274;</div>
+  <h1>Password Change Required</h1>
+  <p class="sub">Your account requires a password change before you can continue. Please set a new password below.</p>
+
+  <div class="field">
+    <label>Current Password</label>
+    <input id="cur" type="password" autocomplete="current-password" placeholder="Current password">
+  </div>
+  <div class="field">
+    <label>New Password</label>
+    <input id="nw" type="password" autocomplete="new-password" placeholder="New password (min 6 chars)">
+  </div>
+  <div class="field">
+    <label>Confirm New Password</label>
+    <input id="con" type="password" autocomplete="new-password" placeholder="Confirm new password">
+  </div>
+
+  <div class="msg" id="msg"></div>
+  <button class="submit" id="submit-btn">Set New Password</button>
+</div>
+
+<script>
+(function () {
+  var curEl  = document.getElementById('cur');
+  var newEl  = document.getElementById('nw');
+  var conEl  = document.getElementById('con');
+  var msgEl  = document.getElementById('msg');
+  var subBtn = document.getElementById('submit-btn');
+
+  curEl.focus();
+
+  [curEl, newEl, conEl].forEach(function (el) {
+    el.addEventListener('keydown', function (e) { if (e.key === 'Enter') doChange(); });
+  });
+  subBtn.addEventListener('click', doChange);
+
+  async function doChange() {
+    var username = sessionStorage.getItem('mm_username') || '';
+    var cur = curEl.value;
+    var nw  = newEl.value;
+    var con = conEl.value;
+
+    msgEl.className = 'msg error';
+    if (!username) { msgEl.textContent = 'Session error — please log in again.'; return; }
+    if (!cur || !nw || !con) { msgEl.textContent = 'All fields are required.'; return; }
+    if (nw !== con) { msgEl.textContent = 'New passwords do not match.'; return; }
+    if (nw.length < 6) { msgEl.textContent = 'New password must be at least 6 characters.'; return; }
+
+    subBtn.disabled = true;
+    msgEl.textContent = '';
+
+    try {
+      var res  = await fetch('./api/users/change-password', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ username: username, currentPassword: cur, newPassword: nw }),
+      });
+      var data = await res.json();
+      if (res.ok && data.ok) {
+        sessionStorage.removeItem('mm_force_change');
+        msgEl.className = 'msg ok';
+        msgEl.textContent = 'Password changed! Redirecting…';
+        var rank = sessionStorage.getItem('mm_rank');
+        setTimeout(function () {
+          if (rank === 'administrator') window.location.href = './admin.html';
+          else if (rank === 'admin')   window.location.href = './control-panel.html';
+          else                         window.location.href = './browse.html';
+        }, 1000);
+      } else {
+        msgEl.className = 'msg error';
+        msgEl.textContent = data.error || 'Failed to change password.';
+        subBtn.disabled = false;
+      }
+    } catch {
+      msgEl.className = 'msg error';
+      msgEl.textContent = 'Connection error. Try again.';
+      subBtn.disabled = false;
+    }
+  }
+})();
+</script>
+</body>
+</html>