Add password reset mechanism (Issue #1)

- Added reset_token and reset_token_expiry fields to User model - Implemented generate_reset_token(), verify_reset_token(), and clear_reset_token() methods - Created password reset request form (/password-reset-request) - Created password reset form (/password-reset/<token>) - Added "Forgot password?" link to login page - Reset tokens expire after 1 hour for security - Created migration script to add new database columns - Reset links are logged (would be emailed in production) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-11 18:46:18 -05:00
parent a1d8c9d373
commit 51911f2c48
6 changed files with 244 additions and 0 deletions
--- a/templates/password_reset.html
+++ b/templates/password_reset.html
@@ -0,0 +1,43 @@
+{% extends "base.html" %}
+
+{% block title %}Set New Password - BalanceBoard{% endblock %}
+
+{% block content %}
+<div class="auth-container">
+    <div class="auth-card">
+        <div class="auth-logo">
+            <img src="{{ url_for('serve_logo') }}" alt="BalanceBoard Logo">
+            <h1><span class="balance">balance</span>Board</h1>
+            <p style="color: var(--text-secondary); margin-top: 8px;">Set a new password</p>
+        </div>
+
+        {% with messages = get_flashed_messages(with_categories=true) %}
+            {% if messages %}
+                <div class="flash-messages">
+                    {% for category, message in messages %}
+                        <div class="flash-message {{ category }}">{{ message }}</div>
+                    {% endfor %}
+                </div>
+            {% endif %}
+        {% endwith %}
+
+        <form method="POST" class="auth-form">
+            <div class="form-group">
+                <label for="password">New Password</label>
+                <input type="password" id="password" name="password" required autofocus minlength="6">
+            </div>
+
+            <div class="form-group">
+                <label for="confirm_password">Confirm New Password</label>
+                <input type="password" id="confirm_password" name="confirm_password" required minlength="6">
+            </div>
+
+            <button type="submit">Reset Password</button>
+        </form>
+
+        <div class="auth-footer">
+            <p>Remember your password? <a href="{{ url_for('login') }}">Log in</a></p>
+        </div>
+    </div>
+</div>
+{% endblock %}