ensuring that the password reset screen displays an appropriate messa…

…ge if password policy fails
UnitedEffects · Oct 4, 2023 · 58753c7 · 58753c7
1 parent 27298b1
commit 58753c7
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 5 deletions.
diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "ue-auth",
   "altName": "UE-Auth",
-  "version": "1.36.0",
+  "version": "1.36.1",
   "description": "UE Auth is a multi-tenant OIDC Provider, User Management, B2B Product Access, and Roles/Permissions Management system intended to create a single hybrid solution to serve as Identity and Access for both self-registered B2C Apps and Enterprise B2B Solutions",
   "private": false,
   "license": "SEE LICENSE IN ./LICENSE.md",

diff --git a/src/api/accounts/account.js b/src/api/accounts/account.js
@@ -82,7 +82,7 @@ export default {
 			if(!policy.test(password)) {
 				const message = (custom) ? 'Password must follow the policy. Contact your administrator' :
 					`Password must follow the policy: At least ${p.pattern.characters} characters${(p.pattern.caps) ? ', at least one capital' : ''}${(p.pattern.number) ? ', at least one number' : ''}${(p.pattern.special) ? ', at least one special character' : ''}.`;
-				throw Boom.badRequest(message);
+				throw Boom.expectationFailed(message);
 			}
 		}
 	},

diff --git a/views/forgotpassword/forgotSend.js b/views/forgotpassword/forgotSend.js
@@ -13,7 +13,18 @@ window.addEventListener( 'load', function () {
 			if (event.target.status !== 204) {
 				document.getElementById('message').classList.add('error');
 				document.getElementById('title').innerHTML = 'Uh oh...';
-				document.getElementById('message').innerHTML = 'Verification or reset was not successful. Your reset or verification window may have expired. Click below to resend the email';
+				let innerHtml = 'Verification or reset was not successful. Your reset or verification window may have expired. Click below to resend the email';
+				if(event.target.status === 417) {
+					let responseMessage;
+					try {
+						responseMessage = JSON.parse(event.target.response);
+						innerHtml = `Password reset was not successful. ${responseMessage?.message}`;
+					} catch(e) {
+						innerHtml = 'Password reset was not successful. You must adhere to the password policy. Contact your admin for details.';
+					}
+				}
+				console.info(event);
+				document.getElementById('message').innerHTML = innerHtml;
 				form.remove();
 				document.getElementById('tryAgain').classList.remove('invisible');
 			} else {
@@ -49,10 +60,19 @@ window.addEventListener( 'load', function () {
 		XHR.addEventListener( 'load', function(event) {
 			hideSpinner();
 			if (event.target.status !== 204) {
-				console.info('error');
+				let innerHtml = 'There may be a problem. Try again later or contact the admin.';
+				if(event.target.status === 417) {
+					let responseMessage;
+					try {
+						responseMessage = JSON.parse(event.target.response);
+						innerHtml = `Password reset was not successful. ${responseMessage?.message}`;
+					} catch(e) {
+						innerHtml = 'Password reset was not successful. You must adhere to the password policy. Contact your admin for details.';
+					}
+				}
 				document.getElementById('message').classList.add('error');
 				document.getElementById('title').innerHTML = 'Uh oh...';
-				document.getElementById('message').innerHTML = 'There may be a problem. Try again later or contact the admin.';
+				document.getElementById('message').innerHTML = innerHtml;
 			} else {
 				document.getElementById('title').innerHTML = 'Check Your Email or Mobile Device';
 				const m1 = document.getElementById('message');