From 5bbe1e0ae8b38a5c8b60e5e7416757cacccb2df5 Mon Sep 17 00:00:00 2001
From: rheasunshine <rhea.morrison@gmail.com>
Date: Thu, 10 Aug 2017 13:33:58 -0400
Subject: [PATCH] Error handling for password reset

---
 src/app/views/auth/password/reset.coffee | 45 +++++++++++++++++++-----
 src/app/views/auth/password/reset.html   |  2 +-
 src/locales/en.locale.json               |  8 +++--
 3 files changed, 43 insertions(+), 12 deletions(-)

diff --git a/src/app/views/auth/password/reset.coffee b/src/app/views/auth/password/reset.coffee
index 44931287..3c1f6094 100644
--- a/src/app/views/auth/password/reset.coffee
+++ b/src/app/views/auth/password/reset.coffee
@@ -8,10 +8,20 @@ angular.module('mnoEnterpriseAngular')
       $pwdScore: {}
     }
 
+    if !$location.search().reset_password_token
+      toastr.error('devise.passwords.no_token', {
+        timeOut: 0,
+        closeButton: true,
+        extendedTimeOut: 0
+      })
+      $state.go('password_recovery')
+
     vm.password_reset = ->
       if vm.form.$invalid && !MnoErrorsHandler.onlyServerError(vm.form)
         return
       else if vm.user.password != vm.user.password_confirmation
+        toastr.error('Passwords do not match.')
+        vm.hasClicked = false
         return
 
       MnoErrorsHandler.resetErrors(vm.form)
@@ -19,18 +29,35 @@ angular.module('mnoEnterpriseAngular')
       vm.user.reset_password_token = $location.search().reset_password_token
       Auth.resetPassword(vm.user).then(
         ->
-          toastr.info('devise.passwords.updated', {
-            timeOut: 0,
-            closeButton: true,
-            extendedTimeOut: 0
-          })
+          vm.resetConfirmed = true
           Auth.login(vm.user).then(
             ->
+              toastr.success('devise.passwords.updated', {
+                timeOut: 10000,
+                closeButton: true,
+              })
               $state.go('home.impac')
-          ).finally( -> vm.resetConfirmed = true)
-          (error) ->
-            MnoErrorsHandler.processServerError(error, vm.form)
-        ).finally( -> vm.hasClicked = false)
+            (error) ->
+              toastr.success('devise.passwords.updated_not_active', {
+                timeOut: 10000,
+                closeButton: true,
+              })
+          )
+      ).catch(
+        (error) ->
+          if error.status == 422
+            toastr.info('devise.passwords.already_reset_error', {
+              timeOut: 10000,
+              closeButton: true,
+            })
+            $state.go('login')
+          else
+            toastr.error('devise.passwords.unspecified_reset_error', {
+              timeOut: 10000,
+              closeButton: true,
+            })
+          MnoErrorsHandler.processServerError(error, vm.form)
+      ).finally( -> vm.hasClicked = false)
 
       return true
 
diff --git a/src/app/views/auth/password/reset.html b/src/app/views/auth/password/reset.html
index 460c89be..b1ac6779 100644
--- a/src/app/views/auth/password/reset.html
+++ b/src/app/views/auth/password/reset.html
@@ -12,7 +12,7 @@ <h2>{{ 'mno_enterprise.auth.passwords.edit.title' | translate }}</h2>
               <div class='col-sm-12'>
                 <div class="input-group">
                 <input mno-password-strength password-score="vm.user.$pwdScore" type="{{isShown ? 'text' : 'password'}}" placeholder="*Password" ng-model="vm.user.password" class="form-control" name="password" id="user_password" autocomplete="off"  autofocus required/>
-                <span class="input-group-addon pw-strength-indicator" ng-class='vm.user.$pwdScore.class'>
+                <span class="input-group-addon pw-strength-indicator" ng-class='vm.user.$pwdScore.class' uib-tooltip="{{'activemodel.errors.mno_enterprise/user.password_weak' | translate}}" tooltip-enable="vm.user.$pwdScore.value == 'weak'" tooltip-placement="auto">
                   {{ vm.user.$pwdScore.value }}
                 </span>
               </div>
diff --git a/src/locales/en.locale.json b/src/locales/en.locale.json
index ac3dac7b..6cb919bb 100644
--- a/src/locales/en.locale.json
+++ b/src/locales/en.locale.json
@@ -183,11 +183,15 @@
   "devise.mailer.password_change.subject": "Password Changed",
   "devise.omniauth_callbacks.failure": "Could not authenticate you from %{kind} because \"%{reason}\".",
   "devise.omniauth_callbacks.success": "Successfully authenticated from %{kind} account.",
-  "devise.passwords.no_token": "You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided.",
+  "devise.passwords.no_token": "You can't access that page without coming from a password reset email. Please make sure you used the full URL provided in the email, or enter your email here to receive a new link.",
   "devise.passwords.send_instructions": "You will receive an email with instructions on how to reset your password in a few minutes.",
   "devise.passwords.send_paranoid_instructions": "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes.",
   "devise.passwords.updated": "Your password has been changed successfully. You are now signed in.",
   "devise.passwords.updated_not_active": "Your password has been changed successfully.",
+  "devise.passwords.do_not_match_error": "Your passwords do not match",
+  "devise.passwords.confirmation_password_required": "You must enter a password and password confirmation.",
+  "devise.passwords.already_reset_error": "Your password has already been reset. Log in!",
+  "devise.passwords.unspecified_reset_error": "Oops, something went wrong... Try again",
   "devise.registrations.destroyed": "Bye! Your account has been successfully cancelled. We hope to see you again soon.",
   "devise.registrations.signed_up": "Welcome! You have signed up successfully.",
   "devise.registrations.signed_up_but_inactive": "You have signed up successfully. However, we could not sign you in because your account is not yet activated.",
@@ -918,4 +922,4 @@
   "activemodel.attributes.mno_enterprise/user.website": "Website",
   "activemodel.errors.models.mno_enterprise/user.attributes.email.taken": "has already been taken",
   "activemodel.errors.mno_enterprise/user.password_weak": "Password is not strong enough. Try mixing letters, numbers and cases"
-}
\ No newline at end of file
+}