From 33c89690390de2e637dc22855afaf01e12412685 Mon Sep 17 00:00:00 2001
From: Timothy Alexis Vass <timothy_alexis.vass@ub.lu.se>
Date: Fri, 18 Sep 2020 05:55:22 +0000
Subject: [PATCH] Bug 26266: Add jQuery validator to opac-password-recovery.tt

To test:
0) Activate password reset in system preferences.
1) Initiate a password recovery.
2) Try to submit with an invalid password.
3) Confirm that validation occurs.
4) Try to submit with mismatching passwords.
5) Confirm that validation occurs.
6) Sign off.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
---
 .../en/modules/opac-password-recovery.tt      | 25 ++++++++++++++++---
 opac/opac-password-recovery.pl                |  2 +-
 2 files changed, 23 insertions(+), 4 deletions(-)

diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-password-recovery.tt b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-password-recovery.tt
index 7328f31736..fe5de79ea2 100644
--- a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-password-recovery.tt
+++ b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-password-recovery.tt
@@ -5,6 +5,10 @@
 [% INCLUDE 'doc-head-close.inc' %]
 [% BLOCK cssinclude %][% END %]
 [% BLOCK jsinclude %]
+[% IF (new_password) %]
+    [% Asset.js("lib/jquery/plugins/jquery.validate.min.js") | $raw %]
+    [% PROCESS 'password_check.inc' new_password => 'newPassword', minPasswordLength => minPasswordLength, RequireStrongPassword => RequireStrongPassword %]
+[% END %]
     <script>
     $(function() {
             $("#CheckAll").click(function(){
@@ -21,6 +25,21 @@
                 $("fieldset#serial, fieldset#book, fieldset#chapter").hide()
                 $("fieldset#" + $(this).val() ).show();
             });
+        [% IF (new_password) %]
+            $("#mainform").validate({
+                rules: {
+                    newPassword: {
+                        required: true,
+                        password_strong: true,
+                        password_no_spaces: true
+                    },
+                    repeatPassword: {
+                        required: true,
+                        password_match: true
+                    }
+                }
+            });
+        [% END %]
     });
     </script>
 [% END %]
@@ -116,7 +135,7 @@
                         </form>
                     [% ELSIF (new_password) %]
                         [% UNLESS ( errLinkNotValid ) %]
-                            <form action="/cgi-bin/koha/opac-password-recovery.pl" method="post" autocomplete="off">
+                            <form id="mainform" name="mainform" action="/cgi-bin/koha/opac-password-recovery.pl" method="post" autocomplete="off">
                                 <input type="hidden" name="koha_login_context" value="opac" />
                                 <fieldset class="brief">
                                     [% IF ( RequireStrongPassword ) %]
@@ -125,8 +144,8 @@
                                         <div class="alert alert-info">Your password must be at least [% minPasswordLength | html %] characters long.</div>
                                     [% END %]
                                     <div class="form-group">
-                                        <label for="password">New password:</label>
-                                        <input class="form-control" type="password" id="password" size="40" name="password" />
+                                        <label for="newPassword">New password:</label>
+                                        <input class="form-control" type="password" id="newPassword" size="40" name="newPassword" />
                                     </div>
 
                                     <div class="form-group">
diff --git a/opac/opac-password-recovery.pl b/opac/opac-password-recovery.pl
index d688e365a9..3d492dd205 100755
--- a/opac/opac-password-recovery.pl
+++ b/opac/opac-password-recovery.pl
@@ -27,7 +27,7 @@ my ( $template, $dummy, $cookie ) = get_template_and_user(
 );
 
 my $email          = $query->param('email') // q{};
-my $password       = $query->param('password');
+my $password       = $query->param('newPassword');
 my $repeatPassword = $query->param('repeatPassword');
 my $id             = $query->param('id');
 my $uniqueKey      = $query->param('uniqueKey');
-- 
2.39.2