forgotpassword.html

<!doctype html>
<html lang="en">
<head>
<title>Discord verification</title>

<script async src="https://www.googletagmanager.com/gtag/js?id=UA-143397381-1"></script>
<script>
        function gtag() {
            if (!window.dataLayer) {
                window.dataLayer = []
            }
            window.dataLayer.push(arguments)
        }

        gtag('js', new Date())
        gtag('config', 'UA-143397381-1')

        // magic function that we never call, I assume GA uses this for something?
        function getOutboundLink(label) {
            gtag('event', 'click', {
                'event_category': 'outbound',
                'event_label': label,
                'transport_type': 'beacon'
            })
        }
    </script>

<link rel="stylesheet" type="text/css" href="https://cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/css/materialize.min.css" />
<link rel="stylesheet" type="text/css" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css" />
<link rel="stylesheet" type="text/css" href="min/style-min.css" />
<style>
        #fouc {
            opacity: 1;
            -webkit-transition: opacity .33s ease;
            transition: opacity .33s ease;
        }
        .invisible {
            opacity: 0!important;
        }
    </style>
</head>
<body>
<header>
<div class="navbar-fixed">
<nav role="navigation">
<div class="nav-wrapper container">
<a href="index.html" class="brand-logo"><h1>Impact</h1></a>
</div>
</nav>
</div>
</header>
<noscript>
    You must have javascript enabled.
</noscript>
<div id="fouc" class="section container invisible">
<form id="get_token" class="row hidden" novalidate>
<p class="input-field col s12">
Enter your email and complete the recaptcha, then we will email you a link so that you can reset your password.
</p>
<div class="input-field col s12">
<input type="email" name="email" id="email" class="validate" required />
<label for="email">Email</label>
</div>
<div class="input-field col s12 g-recaptcha" data-sitekey="6Lf19NcUAAAAADBY-60OxWuSMgr4XMH3aq1BZYRs"></div>
<div class="input-field col s12">
<button class="btn waves-effect waves-light" type="submit" name="action">
Submit
</button>
</div>
<p id="get_token_msg" class="col s12 helper-text error"></p>
</form>
<form id="use_token" class="row hidden" novalidate>
<p class="input-field col s12">
Reset your password:
</p>
<div class="input-field col s12 m6">

<input type="password" name="password" id="password" class="validate" autocomplete required pattern="(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[^a-zA-Z0-9]).{6,}" onchange="form.password2.pattern = RegExp.escape(this.value);" />
<label for="password">Password</label>
<span class="helper-text" data-error="Must be 6 characters or more & include lowercase, uppercase, numeric and symbolic characters"></span>
</div>
<div class="input-field col s12 m6">
<input type="password" name="password2" id="password2" class="validate" autocomplete="off" required pattern="\w" />
<label for="password2">Confirm</label>
<span class="helper-text" data-error="Password does not match"></span>
</div>
<div class="input-field col s12">
<button class="btn waves-effect waves-light" type="submit" name="action">
Submit
</button>
</div>
<p id="use_token_msg" class="col s12 input-field helper-text error"></p>
</form>
<p id="success" class="row hidden med_text"></p>
</div>

<script crossorigin="anonymous" src="https://polyfill.io/v3/polyfill.min.js"></script>
<script crossorigin="anonymous" src="https://benjamingr.github.io/RegExp.escape/polyfill.js"></script>
<script type="text/javascript" src="min/modernizr-min.js"></script>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
<script type="text/javascript" src="js/api.js"></script>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/js/materialize.min.js" async></script>
<script src="https://www.google.com/recaptcha/api.js" async></script>
<script async>
    (function (){
        function getToken() {
            var query = new URLSearchParams(window.location.search)
            return query.get("token")
        }

        function capitalize(text) {
            if (typeof text !== "string") return text;

            return text.replace(/^[a-z]/, function(letter) {
                return letter.toUpperCase();
            });
        }

        $("#get_token").submit(function (event) {
            event.preventDefault()

            var email = $("#email").val()
            var captcha = $("#g-recaptcha-response").val()

            // validate
            var err = []
            if (!email) err.push("Email is required")
            if (!captcha) err.push("Recaptcha is required")
            $("#get_token_msg").html(err.join("<br>"))
            if (err.length > 0) {
                return
            }

            // Send a reset email
            api.forgotPassword(email, captcha)
                .then(function (result) {
                    if (result === "success") {
                        result = "We have emailed you a password reset link"
                    }
                    $("#get_token").addClass("hidden")
                    $("#success")
                        .removeClass("hidden")
                        .text(capitalize(result))
                })
                .catch(function (result) {
                    $("#get_token_msg").text(capitalize(result))
                })
        })

        $("#use_token").submit(function (event) {
            event.preventDefault()

            var token = getToken()
            var password = $("#password").val()
            var password2 = $("#password2").val()

            // validate
            var err = []
            if (!token) err.push("Error: no token provided")
            if (!password) err.push("Password is required")
            if (password !== password2) err.push("Passwords do not match")
            $("#use_token_msg").html(err.join("<br>"))
            if (err.length > 0) {
                return
            }

            // Do the meme
            api.changePassword(token, password)
               .then(function(result) {
                   if (result === "success") {
                       result = "Password changed successfully"
                   }
                   $("#use_token").addClass("hidden")
                   $("#success")
                       .removeClass("hidden")
                       .text(capitalize(result))
                })
               .catch(function(result) {
                   if (result === "invalid reset token") {
                       $("#use_token_msg").html('Invalid! <a href="forgotpassword.html">Get a new reset link</a>.')
                       return
                   }
                $("#use_token_msg").text(capitalize(result))
            })
        })

        // show/hide
        if (getToken()) {
            $("#get_token").addClass("hidden")
            $("#use_token").removeClass("hidden")
        } else {
            $("#get_token").removeClass("hidden")
            $("#use_token").addClass("hidden")
        }

        // Fade in
        $("#fouc").removeClass("invisible")
    })()
</script>
</body>
</html>