Closed natalian98 closed 2 weeks ago
There is a case that @edlerd is looking at: If you are logged in and have a kratos session, you should be able to change your password without the need of going through recovery, but rn going directly to localhost:4455/ui/reset_password redirects to http://localhost:4455/ui/ which doesn't exist.
There is a case that @edlerd is looking at: If you are logged in and have a kratos session, you should be able to change your password without the need of going through recovery, but rn going directly to localhost:4455/ui/reset_password redirects to http://localhost:4455/ui/ which doesn't exist.
This has been handled.
In case no text or an invalid email is entered, the POST api/kratos/self-service/recovery
responds with the text content 400 Bad Request
. As this is displayed to the user, it would be nice to have a better error message in this case.
couple of small commit message nudges:
wip
commit needs to become a feat
or fix
@natalian98 do a rebase and then it's mergeable
Testing
Go to localhost:4455/ui/reset_email:![image](https://github.com/canonical/identity-platform-login-ui/assets/97316813/4edc2d61-b6c5-426b-a9d8-2860993a9a24)
The link to reset password is also added to the login screen:![image](https://github.com/canonical/identity-platform-login-ui/assets/97316813/838ccfd4-bfa2-4769-bee9-2fec21e3b367)
Enter a valid email. I use![image](https://github.com/canonical/identity-platform-login-ui/assets/97316813/4b6d5414-3b73-48a3-a419-8eebc9b27bb6)
test@example.com
because that's the only imported identity in kratos. Get the recovery code from mailslurper at localhost:4436.Once a valid code is submitted, a kratos session is created. The recovery flow redirects to password change screen and starts a settings flow:
![image](https://github.com/canonical/identity-platform-login-ui/assets/97316813/cc94c3d2-2886-44ab-bf60-951418374aca)
If you have an application that is a client of hydra, you will be automatically logged into it if opened in the same browser session as the completed recovery flow. If you start a new browser session you can verify that the credential was updated.