matrix-org · hughns · Apr 22, 2022 · Apr 8, 2022 · Apr 8, 2022 · Apr 8, 2022
@@ -31,6 +31,7 @@ export default class PasswordReset {
     private clientSecret: string;
     private password: string;
     private sessionId: string;
+    private logoutDevices: boolean;
 
     /**
      * Configure the endpoints for password resetting.
@@ -50,10 +51,16 @@ export default class PasswordReset {
      * sending an email to the provided email address.
      * @param {string} emailAddress The email address
      * @param {string} newPassword The new password for the account.
+     * @param {boolean} logoutDevices Should all devices be signed out after the reset? Defaults to `true`.
      * @return {Promise} Resolves when the email has been sent. Then call checkEmailLinkClicked().
      */
-    public resetPassword(emailAddress: string, newPassword: string): Promise<IRequestTokenResponse> {
+    public resetPassword(
+        emailAddress: string,
+        newPassword: string,
+        logoutDevices = true,
+    ): Promise<IRequestTokenResponse> {
         this.password = newPassword;
+        this.logoutDevices = logoutDevices;
         return this.client.requestPasswordEmailToken(emailAddress, this.clientSecret, 1).then((res) => {
             this.sessionId = res.sid;
             return res;
@@ -90,7 +97,7 @@ export default class PasswordReset {
                 // See https://github.com/matrix-org/matrix-doc/issues/2220
                 threepid_creds: creds,
                 threepidCreds: creds,
-            }, this.password);
+            }, this.password, this.logoutDevices);
         } catch (err) {
             if (err.httpStatus === 401) {
                 err.message = _t('Failed to verify email address: make sure you clicked the link in the email');

@@ -37,6 +37,7 @@ import AuthHeader from "../../views/auth/AuthHeader";
 import AuthBody from "../../views/auth/AuthBody";
 import PassphraseConfirmField from "../../views/auth/PassphraseConfirmField";
 import AccessibleButton from '../../views/elements/AccessibleButton';
+import StyledCheckbox from '../../views/elements/StyledCheckbox';
 
 enum Phase {
     // Show the forgot password inputs
@@ -72,6 +73,8 @@ interface IState {
     serverDeadError: string;
 
     currentHttpRequest?: Promise<any>;
+
+    logoutDevices: boolean;
 }
 
 enum ForgotPasswordField {
@@ -97,6 +100,7 @@ export default class ForgotPassword extends React.Component<IProps, IState> {
         serverIsAlive: true,
         serverErrorIsFatal: false,
         serverDeadError: "",
+        logoutDevices: false,
     };
 
     public componentDidMount() {
@@ -129,12 +133,12 @@ export default class ForgotPassword extends React.Component<IProps, IState> {
         }
     }
 
-    public submitPasswordReset(email: string, password: string): void {
+    public submitPasswordReset(email: string, password: string, logoutDevices = true): void {
         this.setState({
             phase: Phase.SendingEmail,
         });
         this.reset = new PasswordReset(this.props.serverConfig.hsUrl, this.props.serverConfig.isUrl);
-        this.reset.resetPassword(email, password).then(() => {
+        this.reset.resetPassword(email, password, logoutDevices).then(() => {
             this.setState({
                 phase: Phase.EmailSent,
             });
@@ -174,24 +178,28 @@ export default class ForgotPassword extends React.Component<IProps, IState> {
             return;
         }
 
-        Modal.createTrackedDialog('Forgot Password Warning', '', QuestionDialog, {
-            title: _t('Warning!'),
-            description:
-                <div>
-                    { _t(
-                        "Changing your password will reset any end-to-end encryption keys " +
-                        "on all of your sessions, making encrypted chat history unreadable. Set up " +
-                        "Key Backup or export your room keys from another session before resetting your " +
-                        "password.",
-                    ) }
-                </div>,
-            button: _t('Continue'),
-            onFinished: (confirmed) => {
-                if (confirmed) {
-                    this.submitPasswordReset(this.state.email, this.state.password);
-                }
-            },
-        });
+        if (this.state.logoutDevices) {
+            Modal.createTrackedDialog('Forgot Password Warning', '', QuestionDialog, {
+                title: _t('Warning!'),
+                description:
+                    <div>
+                        { _t(
+                            "Signing out your devices will delete the message encryption keys stored on them, " +
+                            "making encrypted chat history unreadable. If you want to access your encrypted " +
+                            "chat history then set up Key Backup or export your message keys from one of your " +
+                            "other devices before proceeding.",
+                        ) }
+                    </div>,
+                button: _t('Continue'),
+                onFinished: (confirmed: boolean) => {
+                    if (confirmed) {
+                        this.submitPasswordReset(this.state.email, this.state.password, this.state.logoutDevices);
+                    }
+                },
+            });
+        } else {
+            this.submitPasswordReset(this.state.email, this.state.password, this.state.logoutDevices);
+        }
     };
 
     private async verifyFieldsBeforeSubmit() {
@@ -314,6 +322,11 @@ export default class ForgotPassword extends React.Component<IProps, IState> {
                         autoComplete="new-password"
                     />
                 </div>
+                <div className="mx_AuthBody_fieldRow">
+                    <StyledCheckbox onChange={() => this.setState({ logoutDevices: !this.state.logoutDevices })} checked={this.state.logoutDevices}>
+                        { _t("Sign out all devices") }
+                    </StyledCheckbox>
+                </div>
                 <span>{ _t(
                     'A verification email will be sent to your inbox to confirm ' +
                     'setting your new password.',
@@ -353,11 +366,14 @@ export default class ForgotPassword extends React.Component<IProps, IState> {
     renderDone() {
         return <div>
             <p>{ _t("Your password has been reset.") }</p>
-            <p>{ _t(
-                "You have been logged out of all sessions and will no longer receive " +
-                "push notifications. To re-enable notifications, sign in again on each " +
-                "device.",
-            ) }</p>
+            { this.state.logoutDevices ?
+                <p>{ _t(
+                    "You have been logged out of all devices and will no longer receive " +
+                    "push notifications. To re-enable notifications, sign in again on each " +
+                    "device.",
+                ) }</p>
+                : null
+            }
             <input
                 className="mx_Login_submit"
                 type="button"

@@ -15,7 +15,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-import React, { ComponentType } from 'react';
+import React from 'react';
 import { MatrixClient } from "matrix-js-sdk/src/client";
 
 import Field from "../elements/Field";
@@ -28,7 +28,6 @@ import Modal from "../../../Modal";
 import PassphraseField from "../auth/PassphraseField";
 import { PASSWORD_MIN_SCORE } from '../auth/RegistrationForm';
 import SetEmailDialog from "../dialogs/SetEmailDialog";
-import QuestionDialog from "../dialogs/QuestionDialog";
 
 const FIELD_OLD_PASSWORD = 'field_old_password';
 const FIELD_NEW_PASSWORD = 'field_new_password';
@@ -47,7 +46,6 @@ interface IProps {
     buttonClassName?: string;
     buttonKind?: string;
     buttonLabel?: string;
-    confirm?: boolean;
     // Whether to autoFocus the new password input
     autoFocusNewPasswordInput?: boolean;
     className?: string;
@@ -66,8 +64,6 @@ export default class ChangePassword extends React.Component<IProps, IState> {
     public static defaultProps: Partial<IProps> = {
         onFinished() {},
         onError() {},
-
-        confirm: true,
     };
 
     constructor(props: IProps) {
@@ -85,42 +81,7 @@ export default class ChangePassword extends React.Component<IProps, IState> {
     private onChangePassword(oldPassword: string, newPassword: string): void {
         const cli = MatrixClientPeg.get();
 
-        if (!this.props.confirm) {
-            this.changePassword(cli, oldPassword, newPassword);
-            return;
-        }
-
-        Modal.createTrackedDialog('Change Password', '', QuestionDialog, {
-            title: _t("Warning!"),
-            description:
-                <div>
-                    { _t(
-                        'Changing password will currently reset any end-to-end encryption keys on all sessions, ' +
-                        'making encrypted chat history unreadable, unless you first export your room keys ' +
-                        'and re-import them afterwards. ' +
-                        'In future this will be improved.',
-                    ) }
-                    { ' ' }
-                    <a href="https://github.com/vector-im/element-web/issues/2671" target="_blank" rel="noreferrer noopener">
-                        https://github.com/vector-im/element-web/issues/2671
-                    </a>
-                </div>,
-            button: _t("Continue"),
-            extraButtons: [
-                <button
-                    key="exportRoomKeys"
-                    className="mx_Dialog_primary"
-                    onClick={this.onExportE2eKeysClicked}
-                >
-                    { _t('Export E2E room keys') }
-                </button>,
-            ],
-            onFinished: (confirmed) => {
-                if (confirmed) {
-                    this.changePassword(cli, oldPassword, newPassword);
-                }
-            },
-        });
+        this.changePassword(cli, oldPassword, newPassword);
     }
 
     private changePassword(cli: MatrixClient, oldPassword: string, newPassword: string): void {
@@ -140,7 +101,8 @@ export default class ChangePassword extends React.Component<IProps, IState> {
             phase: Phase.Uploading,
         });
 
-        cli.setPassword(authDict, newPassword).then(() => {
+        // This no longer logs out all sessions:
+        cli.setPassword(authDict, newPassword, false).then(() => {
             if (this.props.shouldAskForEmail) {
                 return this.optionallySetEmail().then((confirmed) => {
                     this.props.onFinished({
@@ -182,17 +144,6 @@ export default class ChangePassword extends React.Component<IProps, IState> {
         return modal.finished.then(([confirmed]) => confirmed);
     }
 
-    private onExportE2eKeysClicked = (): void => {
-        Modal.createTrackedDialogAsync('Export E2E Keys', 'Change Password',
-            import(
-                '../../../async-components/views/dialogs/security/ExportE2eKeysDialog'
-            ) as unknown as Promise<ComponentType<{}>>,
-            {
-                matrixClient: MatrixClientPeg.get(),
-            },
-        );
-    };
-
     private markFieldValid(fieldID: string, valid: boolean): void {
         const { fieldValid } = this.state;
         fieldValid[fieldID] = valid;

diff --git a/src/i18n/strings/en_EN.json b/src/i18n/strings/en_EN.json
@@ -1185,9 +1185,6 @@
     "Failed to upload profile picture!": "Failed to upload profile picture!",
     "Upload new:": "Upload new:",
     "No display name": "No display name",
-    "Warning!": "Warning!",
-    "Changing password will currently reset any end-to-end encryption keys on all sessions, making encrypted chat history unreadable, unless you first export your room keys and re-import them afterwards. In future this will be improved.": "Changing password will currently reset any end-to-end encryption keys on all sessions, making encrypted chat history unreadable, unless you first export your room keys and re-import them afterwards. In future this will be improved.",
-    "Export E2E room keys": "Export E2E room keys",
     "New passwords don't match": "New passwords don't match",
     "Passwords can't be empty": "Passwords can't be empty",
     "Do you want to set an email address?": "Do you want to set an email address?",
@@ -1216,6 +1213,7 @@
     "Homeserver feature support:": "Homeserver feature support:",
     "exists": "exists",
     "<not supported>": "<not supported>",
+    "Export E2E room keys": "Export E2E room keys",
     "Import E2E room keys": "Import E2E room keys",
     "Cryptography": "Cryptography",
     "Session ID:": "Session ID:",
@@ -1998,6 +1996,7 @@
     "Unmute": "Unmute",
     "Mute": "Mute",
     "Failed to change power level": "Failed to change power level",
+    "Warning!": "Warning!",
     "You will not be able to undo this change as you are promoting the user to have the same power level as yourself.": "You will not be able to undo this change as you are promoting the user to have the same power level as yourself.",
     "Are you sure?": "Are you sure?",
     "Deactivate user?": "Deactivate user?",
@@ -3137,18 +3136,19 @@
     "Really reset verification keys?": "Really reset verification keys?",
     "Skip verification for now": "Skip verification for now",
     "Failed to send email": "Failed to send email",
-    "Changing your password will reset any end-to-end encryption keys on all of your sessions, making encrypted chat history unreadable. Set up Key Backup or export your room keys from another session before resetting your password.": "Changing your password will reset any end-to-end encryption keys on all of your sessions, making encrypted chat history unreadable. Set up Key Backup or export your room keys from another session before resetting your password.",
+    "Signing out your devices will delete the message encryption keys stored on them, making encrypted chat history unreadable. If you want to access your encrypted chat history then set up Key Backup or export your message keys from one of your other devices before proceeding.": "Signing out your devices will delete the message encryption keys stored on them, making encrypted chat history unreadable. If you want to access your encrypted chat history then set up Key Backup or export your message keys from one of your other devices before proceeding.",
     "The email address linked to your account must be entered.": "The email address linked to your account must be entered.",
     "The email address doesn't appear to be valid.": "The email address doesn't appear to be valid.",
     "A new password must be entered.": "A new password must be entered.",
     "New passwords must match each other.": "New passwords must match each other.",
+    "Sign out all devices": "Sign out all devices",
     "A verification email will be sent to your inbox to confirm setting your new password.": "A verification email will be sent to your inbox to confirm setting your new password.",
     "Send Reset Email": "Send Reset Email",
     "Sign in instead": "Sign in instead",
     "An email has been sent to %(emailAddress)s. Once you've followed the link it contains, click below.": "An email has been sent to %(emailAddress)s. Once you've followed the link it contains, click below.",
     "I have verified my email address": "I have verified my email address",
     "Your password has been reset.": "Your password has been reset.",
-    "You have been logged out of all sessions and will no longer receive push notifications. To re-enable notifications, sign in again on each device.": "You have been logged out of all sessions and will no longer receive push notifications. To re-enable notifications, sign in again on each device.",
+    "You have been logged out of all devices and will no longer receive push notifications. To re-enable notifications, sign in again on each device.": "You have been logged out of all devices and will no longer receive push notifications. To re-enable notifications, sign in again on each device.",
     "Return to login screen": "Return to login screen",
     "Set a new password": "Set a new password",
     "Invalid homeserver discovery response": "Invalid homeserver discovery response",