3m-portal/reset-password.js

const token = new URLSearchParams(window.location.search).get('token');

document.addEventListener('DOMContentLoaded', () => {
    if (!token) {
        document.getElementById('invalidState').style.display = 'block';
        return;
    }
    document.getElementById('resetForm').style.display = 'block';
});

async function handleReset() {
    const newPass      = document.getElementById('newPassword').value;
    const confirm      = document.getElementById('confirmPassword').value;
    const errorMessage = document.getElementById('errorMessage');
    const submitBtn    = document.getElementById('submitBtn');
    const submitText   = document.getElementById('submitText');
    const spinner      = document.getElementById('submitSpinner');

    errorMessage.style.display = 'none';

    if (newPass !== confirm) {
        errorMessage.textContent   = 'Passwords do not match.';
        errorMessage.style.display = 'block';
        return;
    }
    if (newPass.length < 10) {
        errorMessage.textContent   = 'Password must be at least 10 characters.';
        errorMessage.style.display = 'block';
        return;
    }

    submitBtn.disabled    = true;
    submitText.textContent = 'Saving...';
    spinner.style.display  = 'inline-block';

    try {
        const res  = await fetch('/api/auth/reset-password', {
            method:  'POST',
            headers: { 'Content-Type': 'application/json' },
            body:    JSON.stringify({ token, password: newPass }),
        });
        const data = await res.json();
        if (!res.ok) throw new Error(data.error || 'Reset failed');
        window.location.href = 'login.html?reset=1';
    } catch (err) {
        errorMessage.textContent   = err.message;
        errorMessage.style.display = 'block';
        submitBtn.disabled         = false;
        submitText.textContent     = 'Set Password';
        spinner.style.display      = 'none';
    }
}

document.getElementById('submitBtn')?.addEventListener('click', handleReset);
document.getElementById('resetForm')?.addEventListener('keydown', e => {
    if (e.key === 'Enter') handleReset();
});