feat: SPA-based password reset page

- Created ResetPassword.tsx with: - Password reset form with strength indicator - Key validation on load - Show/hide password toggle - Success/error states - Redirect to login on success - Updated EmailManager.php: - Changed reset_link from wp-login.php to SPA route - Format: /wp-admin/admin.php?page=woonoow#/reset-password?key=KEY&login=LOGIN - Added AuthController API methods: - validate_reset_key: Validates reset key before showing form - reset_password: Performs actual password reset - Registered new REST routes in Routes.php: - POST /auth/validate-reset-key - POST /auth/reset-password Password reset emails now link to the SPA instead of native WordPress.
2026-01-03 16:59:05 +07:00
parent 3f8d15de61
commit 316fcbf2f0
5 changed files with 372 additions and 5 deletions
--- a/includes/Core/Notifications/EmailManager.php
+++ b/includes/Core/Notifications/EmailManager.php
@@ -327,12 +327,12 @@ class EmailManager {
 			return $message; // Use WordPress default
 		}
 		
-		// Build reset URL - use SPA route if available, otherwise WordPress default
-		$site_url = get_site_url();
+		// Build reset URL - use SPA route
+		$admin_url = admin_url('admin.php?page=woonoow');
 		
-		// Check if this is a WooCommerce customer - use SPA reset page
-		// Otherwise fall back to WordPress default reset page
-		$reset_link = network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login');
+		// Build SPA reset password URL with hash router format
+		// Format: /wp-admin/admin.php?page=woonoow#/reset-password?key=KEY&login=LOGIN
+		$reset_link = $admin_url . '#/reset-password?key=' . $key . '&login=' . rawurlencode($user_login);
 		
 		// Create a pseudo WC_Customer for template rendering
 		$customer = null;