fix: resolve auth modal UI issues and add forgot password flow (Closes #652) #710

Open
Prashansure wants to merge 1 commit into Charushi06:main from Prashansure:fix/auth-ui-forgot-password

Conversation

@Prashansure

Related Issue

Closes #652

Summary

Fixes all three UI/auth issues reported in issue #652:

  1. Login modal was cut off at the bottom on all screen sizes
  2. Profile dropdown button was non-functional
  3. Forgot password functionality was completely missing

Changes Made

  • Fix modal cutoff: added max-height: 90vh + overflow-y: auto so modal never clips
  • Removed duplicate auth-error element ID (was breaking error display)
  • Password rules now only shown on Sign Up view, not Login
  • Replaced dead Profile button with working dropdown (shows email, Settings, Sign Out)
  • Migrated auth from in-memory const users = {} to persistent SQLite users table
  • Passwords now hashed with crypto.scryptSync (Node built-in, no new dependencies)
  • Added POST /api/auth/forgot-password with cryptographically secure token + 1hr expiry
  • Added POST /api/auth/reset-password with one-time token invalidation
  • Added reset-password.html page with validation and expired-token handling
  • Forgot password endpoint always returns same response (prevents user enumeration)
  • Added password_reset_tokens table to database.js

Testing

  • Sign Up creates persistent account (survives server restart)
  • Login works with hashed password verification
  • Forgot password link visible and functional
  • Reset link logged to terminal in dev mode
  • Reset password page validates token expiry
  • Profile dropdown opens/closes correctly
  • Sign Out clears session and shows login modal

Screenshots

[Add before/after screenshots here]

- Fix modal cutoff on small screens (max-height + overflow-y)
- Remove duplicate auth-error element ID
- Show password rules only on Sign Up view
- Replace dead Profile button with functional dropdown
- Migrate auth from in-memory store to persistent SQLite users table
- Hash passwords with crypto.scryptSync (no extra dependencies)
- Add forgot password endpoint with secure token + 1hr expiry
- Add reset password endpoint with one-time token invalidation
- Add reset-password.html with validation and expired-token handling
- Prevent user enumeration on forgot password endpoint

Closes Charushi06#652
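
A minimal sketch of the reset flow this PR describes (scrypt hashing, 1hr token expiry, one-time invalidation, identical forgot-password response), added here as an example and not taken from the PR's code. The in-memory Maps, the function names, the `salt:key` storage format, and the choice to store only a SHA-256 hash of the token are assumptions.

```javascript
// Added example, not the PR's code. All names below are hypothetical.
const crypto = require('crypto');

const TOKEN_TTL_MS = 60 * 60 * 1000; // 1hr expiry, as in the PR description
const users = new Map();             // stand-in for the SQLite users table
const resetTokens = new Map();       // stand-in for password_reset_tokens

const sha256 = (s) => crypto.createHash('sha256').update(s).digest('hex');

// Per-user random salt; stored as "saltHex:keyHex" (assumed format).
function hashPassword(password) {
  const salt = crypto.randomBytes(16);
  const key = crypto.scryptSync(password, salt, 64);
  return `${salt.toString('hex')}:${key.toString('hex')}`;
}

// Re-derive with the stored salt and compare in constant time.
function verifyPassword(password, stored) {
  const [saltHex, keyHex] = stored.split(':');
  const expected = Buffer.from(keyHex, 'hex');
  const actual = crypto.scryptSync(password, Buffer.from(saltHex, 'hex'), expected.length);
  return crypto.timingSafeEqual(actual, expected);
}

// Returns the same response whether or not the account exists.
function forgotPassword(email, now = Date.now(), deliver = () => {}) {
  if (users.has(email)) {
    const token = crypto.randomBytes(32).toString('hex');
    // Only the hash is stored, so a leaked table does not yield usable tokens.
    resetTokens.set(sha256(token), { email, expiresAt: now + TOKEN_TTL_MS });
    deliver(email, token); // the raw token goes only to the account owner
  }
  return { message: 'If that account exists, a reset link has been sent.' };
}

function resetPassword(token, newPassword, now = Date.now()) {
  const key = sha256(String(token));
  const row = resetTokens.get(key);
  resetTokens.delete(key); // one-time: consumed on first presentation
  if (!row || now > row.expiresAt) return false;
  // Drop any other outstanding tokens for the same account.
  for (const [k, r] of resetTokens) if (r.email === row.email) resetTokens.delete(k);
  users.set(row.email, hashPassword(newPassword));
  return true;
}
```

The `now` and `deliver` parameters exist so expiry and token delivery can be exercised without a clock or a mail server.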

Development

Successfully merging this pull request may close these issues.

problem: error in ui part and one feature addition