Create reset-password.html

reset-password.html

@@ -0,0 +1,126 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <meta charset="UTF-8" />
+  <title>Reset Your Password</title>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <!-- Include the Supabase JavaScript library from a CDN -->
+  <script src="https://cdn.jsdelivr.net/npm/@supabase/supabase-js/dist/umd/supabase.min.js"></script>
+  <style>
+    /* Basic styles to make it user-friendly */
+    body {
+      font-family: sans-serif;
+      padding: 2rem;
+      max-width: 500px;
+      margin: 0 auto;
+    }
+    h1 {
+      margin-bottom: 1rem;
+    }
+    .form-group {
+      margin-bottom: 1rem;
+    }
+    label {
+      display: inline-block;
+      margin-bottom: 0.5rem;
+    }
+    input {
+      width: 100%;
+      padding: 0.5rem;
+    }
+    button {
+      padding: 0.5rem 1rem;
+      background: #007bff;
+      color: #fff;
+      border: none;
+      cursor: pointer;
+    }
+    button:disabled {
+      background: #ccc;
+      cursor: not-allowed;
+    }
+    .message {
+      margin: 1rem 0;
+      color: #333;
+    }
+  </style>
+</head>
+<body>
+
+<h1>Reset Your Password</h1>
+
+<div id="status" class="message"></div>
+
+<form id="resetForm">
+  <div class="form-group">
+    <label for="newPassword">New Password</label>
+    <input id="newPassword" name="newPassword" type="password" required />
+  </div>
+  <button id="resetBtn">Update Password</button>
+</form>
+
+<script>
+  // 1. Create the Supabase client (replace with your own values)
+  const SUPABASE_URL = 'https://xbkphiqrblzbgxpynndc.supabase.co';
+  const SUPABASE_ANON_KEY = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Inhia3BoaXFyYmx6Ymd4cHlubmRjIiwicm9sZSI6ImFub24iLCJpYXQiOjE3MzYyNDU1NjYsImV4cCI6MjA1MTgyMTU2Nn0.NRhA1nb3kTzfJyi-9zw5-acni6R6fxJthVTJbBecogk';
+
+  const supabase = supabase.createClient(SUPABASE_URL, SUPABASE_ANON_KEY);
+
+  // 2. Parse tokens from the URL hash (e.g., #access_token=...&refresh_token=...)
+  const hashParams = new URLSearchParams(window.location.hash.substring(1));
+  const accessToken = hashParams.get('access_token');
+  const refreshToken = hashParams.get('refresh_token');
+
+  const statusEl = document.getElementById('status');
+  const resetForm = document.getElementById('resetForm');
+  const resetBtn = document.getElementById('resetBtn');
+
+  // 3. If tokens exist, set the session so we can call 'updateUser'
+  async function setSessionIfNeeded() {
+    if (accessToken && refreshToken) {
+      const { data, error } = await supabase.auth.setSession({
+        access_token: accessToken,
+        refresh_token: refreshToken,
+      });
+      if (error) {
+        statusEl.innerText = 'Error restoring session: ' + error.message;
+      } else {
+        statusEl.innerText = 'Session restored. You may now update your password.';
+      }
+    } else {
+      statusEl.innerText = 'Missing tokens in URL hash. Cannot reset password.';
+      resetBtn.disabled = true; // no tokens, can't update password
+    }
+  }
+
+  // Run on page load
+  setSessionIfNeeded();
+
+  // 4. Handle the form submission to update password
+  resetForm.addEventListener('submit', async (e) => {
+    e.preventDefault();
+    const newPassword = document.getElementById('newPassword').value.trim();
+    if (!newPassword) {
+      statusEl.innerText = 'Please enter a new password.';
+      return;
+    }
+
+    try {
+      const { data, error } = await supabase.auth.updateUser({
+        password: newPassword
+      });
+
+      if (error) {
+        statusEl.innerText = 'Error updating password: ' + error.message;
+      } else {
+        statusEl.innerText = 'Password updated successfully! You can now close this tab or log in again.';
+        resetBtn.disabled = true;
+      }
+    } catch (err) {
+      statusEl.innerText = 'Exception: ' + err.message;
+    }
+  });
+</script>
+
+</body>
+</html>