Challenge Overview
Welcome to the Cloud Hub Password Reset Feature Implementation. As part of this contest, we would like you to implement the Password Reset feature for our existing application.
Project Overview
Cloud Hub is trying to help their client solve the problem of knowing what software applications they are spending the most money on over time. Cloud Hub will take in data from credit cards and other sources and attempt to show what software the client has and who is using the applications the most.
Contest Overview
We would like you to make the following updates to the application:
- In the user model, for the password attribute, set the following restrictions:
- Should be having a minimum length of 10 characters and maximum of 70 characters.
- Should contain at least one uppercase letter, one lowercase letter, one number and one special character. The acceptable special characters can be found in the list here.
- You will also need to update prokure.js (and other seed scripts) to use a password meeting the above restrictions
- Ensure that you provide a hint regarding the restrictions next to the password input field whenever the user creates / updates their password.
- Create a new Forgot Password Page. The user will be allowed to enter their email id in this page which, on submitting, gets a link to reset their password (if valid email address is entered)
- In the back end, generate a token that is appended to a URL which can be used by the user to reset their password. Store this token in the user model and have the token expire after 24 hours. Finally, send an email to the email address provided with the password reset URL. Note that the user model already contains the resetPasswordToken and the resetPasswordExpires properties that you need to make use of here.
- Make sure that you use a suitable template for the email that is sent out. The email should appear professionally made. Note that all email templates reside in the views folder and this is where we are also expecting your template to exist. Make sure that you use a template that fits in with the theme of the application.
- When the user clicks on the password reset URL, show the password reset page where the user enters their new password. In case the link has expired, show the appropriate message to the user.
- After successfully resetting the password, the user is directed back to the login page.
- Enhance the login page by providing a link to the Forgot Password page
Note that the backend is already having endpoints to Reset Password and generate the token when the user invokes the Forgot Password feature
Note to the reviewers (and participants too):
- Provide special emphasis to the User Interface. The new pages generated and the email templates should look good. The pages should fit with the rest of the theme of the application.
- Ensure that there are no lint errors. Additional exceptions to the linter configuration are not allowed unless approved in the contest forum. You can run the npm scripts under each app to verify this.
- Any updates, to the deployment process, should be catpured in the app's README.md file. Do not allow additional README.txt or deployment guides.
- Only one test case is expected as part of this contest - a test case that ensures that the password restrictions mentioned earlier hold good.