From f50260c19796a9d5517d90ea7fd103edad81dc18 Mon Sep 17 00:00:00 2001
From: Xyphyn <james@xylight.dev>
Date: Tue, 26 Sep 2023 16:04:21 -0700
Subject: [PATCH 1/5] feat: add email verification

---
 package.json                                  |  8 +-
 src/lib/auth.ts                               | 19 +++-
 src/routes/verify_email/[token]/+error.svelte | 15 +++
 src/routes/verify_email/[token]/+page.svelte  | 24 +++++
 src/routes/verify_email/[token]/+page.ts      |  8 ++
 yarn.lock                                     | 91 +++++++++++--------
 6 files changed, 123 insertions(+), 42 deletions(-)
 create mode 100644 src/routes/verify_email/[token]/+error.svelte
 create mode 100644 src/routes/verify_email/[token]/+page.svelte
 create mode 100644 src/routes/verify_email/[token]/+page.ts

diff --git a/package.json b/package.json
index b5b0228d..a6a69429 100644
--- a/package.json
+++ b/package.json
@@ -19,19 +19,20 @@
     "@types/markdown-it-container": "^2.0.6",
     "@types/nprogress": "^0.2.0",
     "@vite-pwa/sveltekit": "^0.2.5",
-    "autoprefixer": "^10.4.14",
+    "autoprefixer": "^10.4.16",
     "jsdom": "^22.1.0",
+    "lemmy-js-client": "^0.18.1",
     "markdown-it-container": "^3.0.0",
     "markdown-it-sub": "^1.0.0",
     "markdown-it-sup": "^1.0.0",
     "nprogress": "^0.2.0",
-    "postcss": "^8.4.24",
+    "postcss": "^8.4.30",
     "rollup-plugin-visualizer": "^5.9.2",
     "svelte": "^4.2.0",
     "svelte-check": "^3.0.1",
     "svelte-hero-icons": "^5.0.0",
     "svelte-tiny-virtual-list": "^2.0.5",
-    "tailwindcss": "^3.3.2",
+    "tailwindcss": "^3.3.3",
     "tslib": "^2.4.1",
     "typescript": "^5.0.0",
     "vite": "^4.3.0",
@@ -42,7 +43,6 @@
   "dependencies": {
     "@dicebear/core": "^6.0.4",
     "@dicebear/initials": "^6.0.4",
-    "lemmy-js-client": "^0.18.0-rc.2",
     "markdown-it": "^13.0.1",
     "mono-svelte": "^0.3.7"
   },
diff --git a/src/lib/auth.ts b/src/lib/auth.ts
index 9d51d815..ede4ee67 100644
--- a/src/lib/auth.ts
+++ b/src/lib/auth.ts
@@ -146,7 +146,24 @@ async function userFromJwt(
   jwt: string,
   instance: string
 ): Promise<{ user: PersonData; site: GetSiteResponse } | undefined> {
-  const site = await getClient(instance).getSite({ auth: jwt })
+  const sitePromise = getClient(instance).getSite({
+    auth: jwt,
+  })
+
+  let timer = setTimeout(
+    () =>
+      toast({
+        content: `It's taking a while to fetch your user. Is your instance down?`,
+        type: 'warning',
+      }),
+    5000
+  )
+
+  const site = await sitePromise.then((r) => {
+    clearTimeout(timer)
+    return r
+  })
+
   const myUser = site.my_user
   if (!myUser) return undefined
 
diff --git a/src/routes/verify_email/[token]/+error.svelte b/src/routes/verify_email/[token]/+error.svelte
new file mode 100644
index 00000000..9cf26a4f
--- /dev/null
+++ b/src/routes/verify_email/[token]/+error.svelte
@@ -0,0 +1,15 @@
+<script>
+  import { page } from '$app/stores'
+  import { XMark, Icon } from 'svelte-hero-icons'
+</script>
+
+<div class="flex flex-col items-center h-max my-auto gap-2">
+  <div
+    class="rounded-full bg-red-200 dark:bg-red-900 text-red-600 dark:text-red-300 p-3"
+  >
+    <Icon src={XMark} size="32" mini />
+  </div>
+  <h1 class="text-red-800 dark:text-red-300 text-2xl font-semibold">Error</h1>
+  <p class="text-red-800 dark:text-red-300">Failed to verify your email.</p>
+  <code>{$page.error?.message}</code>
+</div>
diff --git a/src/routes/verify_email/[token]/+page.svelte b/src/routes/verify_email/[token]/+page.svelte
new file mode 100644
index 00000000..60973023
--- /dev/null
+++ b/src/routes/verify_email/[token]/+page.svelte
@@ -0,0 +1,24 @@
+<script>
+  import { LINKED_INSTANCE_URL } from '$lib/instance'
+  import { Check, Icon } from 'svelte-hero-icons'
+</script>
+
+<div class="flex flex-col items-center h-max my-auto gap-2">
+  <div
+    class="rounded-full bg-green-200 dark:bg-green-700 text-green-600 dark:text-green-200 p-3"
+  >
+    <Icon src={Check} size="32" mini />
+  </div>
+  <h1 class="text-green-800 dark:text-green-200 text-2xl font-semibold">
+    Success
+  </h1>
+  <p class="text-green-800 dark:text-green-200">
+    Your email was verified. You can safely close this window.
+  </p>
+  {#if !LINKED_INSTANCE_URL}
+    <p>
+      You somehow got to this menu despite not being linked here by the email.
+      Nice!
+    </p>
+  {/if}
+</div>
diff --git a/src/routes/verify_email/[token]/+page.ts b/src/routes/verify_email/[token]/+page.ts
new file mode 100644
index 00000000..2c1321db
--- /dev/null
+++ b/src/routes/verify_email/[token]/+page.ts
@@ -0,0 +1,8 @@
+import { getClient } from '$lib/lemmy.js'
+import { error } from '@sveltejs/kit'
+
+export async function load({ fetch, params }) {
+  await getClient(undefined, fetch).verifyEmail({
+    token: params.token,
+  })
+}
diff --git a/yarn.lock b/yarn.lock
index bd03562e..48fec4d8 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -1600,14 +1600,14 @@ at-least-node@^1.0.0:
   resolved "https://registry.yarnpkg.com/at-least-node/-/at-least-node-1.0.0.tgz#602cd4b46e844ad4effc92a8011a3c46e0238dc2"
   integrity sha512-+q/t7Ekv1EDY2l6Gda6LLiX14rU9TV20Wa3ofeQmwPFZbOMo9DXrLbOjFaaclkXKWidIaopwAObQDqwWtGUjqg==
 
-autoprefixer@^10.4.14:
-  version "10.4.14"
-  resolved "https://registry.yarnpkg.com/autoprefixer/-/autoprefixer-10.4.14.tgz#e28d49902f8e759dd25b153264e862df2705f79d"
-  integrity sha512-FQzyfOsTlwVzjHxKEqRIAdJx9niO6VCBCoEwax/VLSoQF29ggECcPuBqUMZ+u8jCZOPSy8b8/8KnuFbp0SaFZQ==
-  dependencies:
-    browserslist "^4.21.5"
-    caniuse-lite "^1.0.30001464"
-    fraction.js "^4.2.0"
+autoprefixer@^10.4.16:
+  version "10.4.16"
+  resolved "https://registry.yarnpkg.com/autoprefixer/-/autoprefixer-10.4.16.tgz#fad1411024d8670880bdece3970aa72e3572feb8"
+  integrity sha512-7vd3UC6xKp0HLfua5IjZlcXvGAGy7cBAXTg2lyQ/8WpNhd6SiZ8Be+xm3FyBSYJx5GKcpRCzBh7RH4/0dnY+uQ==
+  dependencies:
+    browserslist "^4.21.10"
+    caniuse-lite "^1.0.30001538"
+    fraction.js "^4.3.6"
     normalize-range "^0.1.2"
     picocolors "^1.0.0"
     postcss-value-parser "^4.2.0"
@@ -1680,15 +1680,15 @@ braces@^3.0.2, braces@~3.0.2:
   dependencies:
     fill-range "^7.0.1"
 
-browserslist@^4.21.5:
-  version "4.21.9"
-  resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.21.9.tgz#e11bdd3c313d7e2a9e87e8b4b0c7872b13897635"
-  integrity sha512-M0MFoZzbUrRU4KNfCrDLnvyE7gub+peetoTid3TBIqtunaDJyXlwhakT+/VkvSXcfIzFfK/nkCs4nmyTmxdNSg==
+browserslist@^4.21.10:
+  version "4.22.0"
+  resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.22.0.tgz#6adc8116589ccea8a99d0df79c5de2436199abdb"
+  integrity sha512-v+Jcv64L2LbfTC6OnRcaxtqJNJuQAVhZKSJfR/6hn7lhnChUXl4amwVviqN1k411BB+3rRoKMitELRn1CojeRA==
   dependencies:
-    caniuse-lite "^1.0.30001503"
-    electron-to-chromium "^1.4.431"
-    node-releases "^2.0.12"
-    update-browserslist-db "^1.0.11"
+    caniuse-lite "^1.0.30001539"
+    electron-to-chromium "^1.4.530"
+    node-releases "^2.0.13"
+    update-browserslist-db "^1.0.13"
 
 browserslist@^4.21.9:
   version "4.21.10"
@@ -1745,16 +1745,16 @@ camelcase-css@^2.0.1:
   resolved "https://registry.yarnpkg.com/camelcase-css/-/camelcase-css-2.0.1.tgz#ee978f6947914cc30c6b44741b6ed1df7f043fd5"
   integrity sha512-QOSvevhslijgYwRx6Rv7zKdMF8lbRmx+uQGx2+vDc+KI/eBnsy9kit5aj23AgGu3pa4t9AgwbnXWqS+iOY+2aA==
 
-caniuse-lite@^1.0.30001464, caniuse-lite@^1.0.30001503:
-  version "1.0.30001515"
-  resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001515.tgz#418aefeed9d024cd3129bfae0ccc782d4cb8f12b"
-  integrity sha512-eEFDwUOZbE24sb+Ecsx3+OvNETqjWIdabMy52oOkIgcUtAsQifjUG9q4U9dgTHJM2mfk4uEPxc0+xuFdJ629QA==
-
 caniuse-lite@^1.0.30001517:
   version "1.0.30001518"
   resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001518.tgz#b3ca93904cb4699c01218246c4d77a71dbe97150"
   integrity sha512-rup09/e3I0BKjncL+FesTayKtPrdwKhUufQFd3riFw1hHg8JmIFoInYfB102cFcY/pPgGmdyl/iy+jgiDi2vdA==
 
+caniuse-lite@^1.0.30001538, caniuse-lite@^1.0.30001539:
+  version "1.0.30001539"
+  resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001539.tgz#325a387ab1ed236df2c12dc6cd43a4fff9903a44"
+  integrity sha512-hfS5tE8bnNiNvEOEkm8HElUHroYwlqMMENEzELymy77+tJ6m+gA2krtHl5hxJaj71OlpC2cHZbdSMX1/YEqEkA==
+
 chai@^4.3.7:
   version "4.3.7"
   resolved "https://registry.yarnpkg.com/chai/-/chai-4.3.7.tgz#ec63f6df01829088e8bf55fca839bcd464a8ec51"
@@ -2025,16 +2025,16 @@ ejs@^3.1.6:
   dependencies:
     jake "^10.8.5"
 
-electron-to-chromium@^1.4.431:
-  version "1.4.461"
-  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.4.461.tgz#6b14af66042732bf883ab63a4d82cac8f35eb252"
-  integrity sha512-1JkvV2sgEGTDXjdsaQCeSwYYuhLRphRpc+g6EHTFELJXEiznLt3/0pZ9JuAOQ5p2rI3YxKTbivtvajirIfhrEQ==
-
 electron-to-chromium@^1.4.477:
   version "1.4.482"
   resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.4.482.tgz#77c5ed37b93d4dda860e27538e0e2a01d6a19e02"
   integrity sha512-h+UqpfmEr1Qkk0zp7ej/jid7CXoq4m4QzW6wNTb0ELJ/BZCpA4wgUylBIMGCe621tnr4l5VmoHjdoSx2lbnNJA==
 
+electron-to-chromium@^1.4.530:
+  version "1.4.530"
+  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.4.530.tgz#c31a44346739bb34acb1a4026a07c3b9eeeb326c"
+  integrity sha512-rsJ9O8SCI4etS8TBsXuRfHa2eZReJhnGf5MHZd3Vo05PukWHKXhk3VQGbHHnDLa8nZz9woPCpLCMQpLGgkGNRA==
+
 emoji-regex@^8.0.0:
   version "8.0.0"
   resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-8.0.0.tgz#e818fd69ce5ccfcb404594f842963bf53164cc37"
@@ -2241,10 +2241,10 @@ form-data@^4.0.0:
     combined-stream "^1.0.8"
     mime-types "^2.1.12"
 
-fraction.js@^4.2.0:
-  version "4.2.0"
-  resolved "https://registry.yarnpkg.com/fraction.js/-/fraction.js-4.2.0.tgz#448e5109a313a3527f5a3ab2119ec4cf0e0e2950"
-  integrity sha512-MhLuK+2gUcnZe8ZHlaaINnQLl0xRIGRfcGk2yl8xoQAfHrSsL3rYu6FCmBdkdbhc9EPlwyGHewaRsvwRMJtAlA==
+fraction.js@^4.3.6:
+  version "4.3.6"
+  resolved "https://registry.yarnpkg.com/fraction.js/-/fraction.js-4.3.6.tgz#e9e3acec6c9a28cf7bc36cbe35eea4ceb2c5c92d"
+  integrity sha512-n2aZ9tNfYDwaHhvFTkhFErqOMIb8uyzSQ+vGJBjZyanAKZVbGUQ1sngfk9FdkBw7G26O7AgNjLcecLffD1c7eg==
 
 fs-extra@^9.0.1:
   version "9.1.0"
@@ -2821,7 +2821,7 @@ kleur@^4.1.5:
   resolved "https://registry.yarnpkg.com/kleur/-/kleur-4.1.5.tgz#95106101795f7050c6c650f350c683febddb1780"
   integrity sha512-o+NO+8WrRiQEE4/7nwRJhN1HWpVmJm511pBHUxPLtp0BUISzlBplORYSmTclCnJvQq2tKu/sgl3xVpkc7ZWuQQ==
 
-lemmy-js-client@^0.18.0-rc.2:
+lemmy-js-client@^0.18.1:
   version "0.18.1"
   resolved "https://registry.yarnpkg.com/lemmy-js-client/-/lemmy-js-client-0.18.1.tgz#28df266eded0ef4a72b05ee6eabebddadfd81a27"
   integrity sha512-maafUZ9ZJkXthRZmM0+limJmymF2kmN/8SiKufS3V4OVNM72s+wUFFiyhKmA370g23iZRW6SUagE7jNKnqNyYQ==
@@ -3066,13 +3066,13 @@ nanoid@^3.3.6:
   integrity sha512-BGcqMMJuToF7i1rt+2PWSNVnWIkGCU78jBG3RxO/bZlnZPK2Cmi2QaffxGO/2RvWi9sL+FAiRiXMgsyxQ1DIDA==
 
 node-fetch@^2.6.12:
-  version "2.6.12"
-  resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.12.tgz#02eb8e22074018e3d5a83016649d04df0e348fba"
-  integrity sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g==
+  version "2.7.0"
+  resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.7.0.tgz#d0f0fa6e3e2dc1d27efcd8ad99d550bda94d187d"
+  integrity sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==
   dependencies:
     whatwg-url "^5.0.0"
 
-node-releases@^2.0.12, node-releases@^2.0.13:
+node-releases@^2.0.13:
   version "2.0.13"
   resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-2.0.13.tgz#d5ed1627c23e3461e819b02e57b75e4899b1c81d"
   integrity sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==
@@ -3266,7 +3266,7 @@ postcss-value-parser@^4.0.0, postcss-value-parser@^4.2.0:
   resolved "https://registry.yarnpkg.com/postcss-value-parser/-/postcss-value-parser-4.2.0.tgz#723c09920836ba6d3e5af019f92bc0971c02e514"
   integrity sha512-1NNCs6uurfkVbeXG4S8JFT9t19m45ICnif8zWLd5oPSZ50QnwMfK+H3jv408d4jw/7Bttv5axS5IiHoLaVNHeQ==
 
-postcss@^8.4.23, postcss@^8.4.24, postcss@^8.4.25:
+postcss@^8.4.23, postcss@^8.4.25:
   version "8.4.26"
   resolved "https://registry.yarnpkg.com/postcss/-/postcss-8.4.26.tgz#1bc62ab19f8e1e5463d98cf74af39702a00a9e94"
   integrity sha512-jrXHFF8iTloAenySjM/ob3gSj7pCu0Ji49hnjqzsgSRa50hkWCKD0HQ+gMNJkW38jBI68MpAAg7ZWwHwX8NMMw==
@@ -3275,6 +3275,15 @@ postcss@^8.4.23, postcss@^8.4.24, postcss@^8.4.25:
     picocolors "^1.0.0"
     source-map-js "^1.0.2"
 
+postcss@^8.4.30:
+  version "8.4.30"
+  resolved "https://registry.yarnpkg.com/postcss/-/postcss-8.4.30.tgz#0e0648d551a606ef2192a26da4cabafcc09c1aa7"
+  integrity sha512-7ZEao1g4kd68l97aWG/etQKPKq07us0ieSZ2TnFDk11i0ZfDW2AwKHYU8qv4MZKqN2fdBfg+7q0ES06UA73C1g==
+  dependencies:
+    nanoid "^3.3.6"
+    picocolors "^1.0.0"
+    source-map-js "^1.0.2"
+
 pretty-bytes@^5.3.0:
   version "5.6.0"
   resolved "https://registry.yarnpkg.com/pretty-bytes/-/pretty-bytes-5.6.0.tgz#356256f643804773c82f64723fe78c92c62beaeb"
@@ -3836,7 +3845,7 @@ symbol-tree@^3.2.4:
   resolved "https://registry.yarnpkg.com/symbol-tree/-/symbol-tree-3.2.4.tgz#430637d248ba77e078883951fb9aa0eed7c63fa2"
   integrity sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==
 
-tailwindcss@^3.3.2:
+tailwindcss@^3.3.3:
   version "3.3.3"
   resolved "https://registry.yarnpkg.com/tailwindcss/-/tailwindcss-3.3.3.tgz#90da807393a2859189e48e9e7000e6880a736daf"
   integrity sha512-A0KgSkef7eE4Mf+nKJ83i75TMyq8HqY3qmFIJSWy8bNt0v1lG7jUcpGpoTFxAwYcWOphcTBLPPJg+bDfhDf52w==
@@ -4130,6 +4139,14 @@ update-browserslist-db@^1.0.11:
     escalade "^3.1.1"
     picocolors "^1.0.0"
 
+update-browserslist-db@^1.0.13:
+  version "1.0.13"
+  resolved "https://registry.yarnpkg.com/update-browserslist-db/-/update-browserslist-db-1.0.13.tgz#3c5e4f5c083661bd38ef64b6328c26ed6c8248c4"
+  integrity sha512-xebP81SNcPuNpPP3uzeW1NYXxI3rxyJzF3pD6sH4jE7o/IX+WtSpwnVU+qIsDPyk0d3hmFQ7mjqc6AtV604hbg==
+  dependencies:
+    escalade "^3.1.1"
+    picocolors "^1.0.0"
+
 uri-js@^4.2.2:
   version "4.4.1"
   resolved "https://registry.yarnpkg.com/uri-js/-/uri-js-4.4.1.tgz#9b1a52595225859e55f669d928f88c6c57f2a77e"

From 505175277c4e894b00025d2b87cac63f6c403283 Mon Sep 17 00:00:00 2001
From: Xyphyn <james@xylight.dev>
Date: Tue, 26 Sep 2023 16:27:16 -0700
Subject: [PATCH 2/5] feat: add password resets

---
 src/routes/login/+page.svelte                 | 11 ++-
 src/routes/login_reset/+page.svelte           | 64 ++++++++++++++
 .../password_change/[token]/+error.svelte     | 17 ++++
 .../password_change/[token]/+page.svelte      | 83 +++++++++++++++++++
 src/routes/password_change/[token]/+page.ts   |  3 +
 5 files changed, 177 insertions(+), 1 deletion(-)
 create mode 100644 src/routes/login_reset/+page.svelte
 create mode 100644 src/routes/password_change/[token]/+error.svelte
 create mode 100644 src/routes/password_change/[token]/+page.svelte
 create mode 100644 src/routes/password_change/[token]/+page.ts

diff --git a/src/routes/login/+page.svelte b/src/routes/login/+page.svelte
index 565d0a62..8b0ffce2 100644
--- a/src/routes/login/+page.svelte
+++ b/src/routes/login/+page.svelte
@@ -6,7 +6,12 @@
   import { DEFAULT_INSTANCE_URL, LINKED_INSTANCE_URL } from '$lib/instance.js'
   import { getClient, validateInstance } from '$lib/lemmy.js'
   import { Button, TextInput } from 'mono-svelte'
-  import { AtSymbol, Icon, Identification } from 'svelte-hero-icons'
+  import {
+    AtSymbol,
+    Icon,
+    Identification,
+    QuestionMarkCircle,
+  } from 'svelte-hero-icons'
 
   let data = {
     instance: DEFAULT_INSTANCE_URL,
@@ -116,6 +121,10 @@
         <Icon src={Identification} mini size="16" />
         Sign Up
       </Button>
+      <Button color="tertiary" href="/login_reset">
+        <Icon src={QuestionMarkCircle} mini size="16" />
+        Forgot Password
+      </Button>
     </div>
   </form>
 </div>
diff --git a/src/routes/login_reset/+page.svelte b/src/routes/login_reset/+page.svelte
new file mode 100644
index 00000000..889f9f54
--- /dev/null
+++ b/src/routes/login_reset/+page.svelte
@@ -0,0 +1,64 @@
+<script lang="ts">
+  import {
+    DEFAULT_INSTANCE_URL,
+    LINKED_INSTANCE_URL,
+    instance as currentInstance,
+  } from '$lib/instance.js'
+  import { getClient, validateInstance } from '$lib/lemmy.js'
+  import { Button, TextInput, toast } from 'mono-svelte'
+
+  let instance = LINKED_INSTANCE_URL || $currentInstance || ''
+  let email = ''
+  let loading = false
+
+  async function submit() {
+    loading = true
+    try {
+      if (!(await validateInstance(instance)))
+        throw new Error('Failed to contact instance url')
+
+      await getClient(instance).passwordReset({
+        email: email,
+      })
+
+      toast({
+        content: 'A password reset link was sent to your email.',
+        type: 'success',
+      })
+    } catch (err) {
+      toast({
+        content: err as any,
+        type: 'error',
+      })
+    }
+    loading = false
+  }
+</script>
+
+<div class="my-auto max-w-xl mx-auto flex flex-col gap-2">
+  <h1 class="font-bold text-3xl">Reset Password</h1>
+  <p>
+    Enter the email of your account, and a password reset link will be sent. If
+    you did not have an email set up, contact your instance admins.
+  </p>
+  <form class="mt-2 flex flex-col gap-4" on:submit|preventDefault={submit}>
+    {#if !LINKED_INSTANCE_URL}
+      <TextInput
+        bind:value={instance}
+        label="Instance URL"
+        placeholder={DEFAULT_INSTANCE_URL}
+        required
+      />
+    {/if}
+    <TextInput
+      bind:value={email}
+      label="Email"
+      type="email"
+      required
+      placeholder="example@example.com"
+    />
+    <Button color="primary" size="lg" {loading} disabled={loading} submit>
+      Submit
+    </Button>
+  </form>
+</div>
diff --git a/src/routes/password_change/[token]/+error.svelte b/src/routes/password_change/[token]/+error.svelte
new file mode 100644
index 00000000..ed12fc81
--- /dev/null
+++ b/src/routes/password_change/[token]/+error.svelte
@@ -0,0 +1,17 @@
+<script>
+  import { page } from '$app/stores'
+  import { XMark, Icon } from 'svelte-hero-icons'
+</script>
+
+<div class="flex flex-col items-center h-max my-auto gap-2">
+  <div
+    class="rounded-full bg-red-200 dark:bg-red-900 text-red-600 dark:text-red-300 p-3"
+  >
+    <Icon src={XMark} size="32" mini />
+  </div>
+  <h1 class="text-red-800 dark:text-red-300 text-2xl font-semibold">Error</h1>
+  <p class="text-red-800 dark:text-red-300">
+    That password reset token doesn't exist.
+  </p>
+  <code>{$page.error?.message}</code>
+</div>
diff --git a/src/routes/password_change/[token]/+page.svelte b/src/routes/password_change/[token]/+page.svelte
new file mode 100644
index 00000000..f1d1e835
--- /dev/null
+++ b/src/routes/password_change/[token]/+page.svelte
@@ -0,0 +1,83 @@
+<script lang="ts">
+  import { goto } from '$app/navigation'
+  import {
+    DEFAULT_INSTANCE_URL,
+    LINKED_INSTANCE_URL,
+    instance as currentInstance,
+  } from '$lib/instance.js'
+  import { getClient, validateInstance } from '$lib/lemmy.js'
+  import { Button, TextInput, toast } from 'mono-svelte'
+
+  export let data: {
+    token: string
+  }
+
+  let instance = LINKED_INSTANCE_URL || $currentInstance || ''
+  let password = '',
+    password_verify = ''
+  let loading = false
+
+  async function submit() {
+    loading = true
+    try {
+      if (!(await validateInstance(instance)))
+        throw new Error('Failed to contact instance url')
+
+      await getClient(instance).passwordChangeAfterReset({
+        password: password,
+        password_verify: password_verify,
+        token: data.token,
+      })
+
+      toast({
+        content: 'Your password was reset.',
+        type: 'success',
+      })
+
+      goto('/login')
+    } catch (err) {
+      toast({
+        content: err as any,
+        type: 'error',
+      })
+    }
+    loading = false
+  }
+</script>
+
+<div class="my-auto max-w-xl mx-auto flex flex-col gap-2">
+  <h1 class="font-bold text-3xl">Reset Password</h1>
+  <p>
+    You've clicked an email with the password reset link in it. Now, choose your
+    new password.
+  </p>
+  <form class="mt-2 flex flex-col gap-4" on:submit|preventDefault={submit}>
+    {#if !LINKED_INSTANCE_URL}
+      <TextInput
+        bind:value={instance}
+        label="Instance URL"
+        placeholder={DEFAULT_INSTANCE_URL}
+        required
+      >
+        <span class="font-normal text-xs">
+          What instance did you reset your password for?
+        </span>
+      </TextInput>
+    {/if}
+    <TextInput
+      bind:value={password}
+      label="New Password"
+      type="password"
+      required
+    />
+    <TextInput
+      bind:value={password_verify}
+      label="New Password (Verify)"
+      type="password"
+      required
+    />
+    <Button color="primary" size="lg" {loading} disabled={loading} submit>
+      Submit
+    </Button>
+  </form>
+</div>
diff --git a/src/routes/password_change/[token]/+page.ts b/src/routes/password_change/[token]/+page.ts
new file mode 100644
index 00000000..8f31c281
--- /dev/null
+++ b/src/routes/password_change/[token]/+page.ts
@@ -0,0 +1,3 @@
+export const load = ({ params }) => ({
+  token: params.token,
+})

From 76f22dab5c94ce224ffd58db35947ef89f9d10ac Mon Sep 17 00:00:00 2001
From: Xyphyn <james@xylight.dev>
Date: Tue, 26 Sep 2023 18:19:16 -0700
Subject: [PATCH 3/5] feat: add password changing

---
 src/lib/auth.ts                               | 15 ++++-
 src/routes/communities/+page.svelte           |  2 +-
 src/routes/create/post/+page.svelte           |  2 +-
 src/routes/moderation/+page.svelte            |  2 +-
 src/routes/profile/(local_user)/+layout.ts    |  7 ---
 .../(local_user)/password/+page.svelte        | 55 +++++++++++++++++++
 .../(local_user)/settings/+page.svelte        |  6 +-
 src/routes/profile/+layout.svelte             |  9 ++-
 src/routes/profile/+layout.ts                 | 41 ++------------
 src/routes/profile/user/+page.ts              | 49 +++++++++++++++++
 src/routes/saved/+page.svelte                 |  2 +-
 src/routes/search/+page.svelte                |  2 +-
 12 files changed, 138 insertions(+), 54 deletions(-)
 delete mode 100644 src/routes/profile/(local_user)/+layout.ts
 create mode 100644 src/routes/profile/(local_user)/password/+page.svelte
 create mode 100644 src/routes/profile/user/+page.ts

diff --git a/src/lib/auth.ts b/src/lib/auth.ts
index ede4ee67..34fab3c4 100644
--- a/src/lib/auth.ts
+++ b/src/lib/auth.ts
@@ -135,7 +135,7 @@ export async function setUser(jwt: string, inst: string, username: string) {
 
     return {
       profile: id,
-      profiles: [...pd.profiles, newProfile],
+      profiles: [newProfile, ...pd.profiles],
     }
   })
 
@@ -227,6 +227,19 @@ instance.subscribe(async (i) => {
   } catch (e) {}
 })
 
+export function updateJwt(id: number, newJwt: string) {
+  const pd = get(profileData)
+  let prof = pd.profiles.find((p) => p.id == id)
+
+  if (!prof) return
+  prof = serializeUser(prof)
+  prof.jwt = newJwt
+
+  profileData.update((p) => ({ ...p, profile: id }))
+
+  profile.update(() => prof)
+}
+
 export async function setUserID(id: number) {
   const pd = get(profileData)
   if (id == -1) {
diff --git a/src/routes/communities/+page.svelte b/src/routes/communities/+page.svelte
index 7bdb4ede..7d7bc635 100644
--- a/src/routes/communities/+page.svelte
+++ b/src/routes/communities/+page.svelte
@@ -40,7 +40,7 @@
   <title>Communities</title>
 </svelte:head>
 
-<h1 class="text-2xl font-bold">
+<h1 class="text-3xl font-bold">
   <span>Communities</span>
   <Popover
     openOnHover
diff --git a/src/routes/create/post/+page.svelte b/src/routes/create/post/+page.svelte
index 0f140199..cab859bf 100644
--- a/src/routes/create/post/+page.svelte
+++ b/src/routes/create/post/+page.svelte
@@ -46,6 +46,6 @@
     passedCommunity={community}
     on:submit={(e) => goto(`/post/${e.detail.post.id}`)}
   >
-    <h1 class="text-2xl font-bold" slot="formtitle">Create Post</h1>
+    <h1 class="text-3xl font-bold" slot="formtitle">Create Post</h1>
   </PostForm>
 </div>
diff --git a/src/routes/moderation/+page.svelte b/src/routes/moderation/+page.svelte
index a2f6d6ad..0b2c31d7 100644
--- a/src/routes/moderation/+page.svelte
+++ b/src/routes/moderation/+page.svelte
@@ -19,7 +19,7 @@
 </script>
 
 <div class="mb-4 flex flex-col gap-4">
-  <h1 class="font-bold text-2xl">Reports</h1>
+  <h1 class="font-bold text-3xl">Reports</h1>
   <div class="flex flex-row gap-2 flex-wrap items-center">
     <Select
       bind:value={data.type}
diff --git a/src/routes/profile/(local_user)/+layout.ts b/src/routes/profile/(local_user)/+layout.ts
deleted file mode 100644
index 52d6d377..00000000
--- a/src/routes/profile/(local_user)/+layout.ts
+++ /dev/null
@@ -1,7 +0,0 @@
-import { profile } from '$lib/auth.js'
-import { getClient } from '$lib/lemmy.js'
-import { get } from 'svelte/store'
-
-export async function load() {
-  return (await getClient().getSite({ auth: get(profile)?.jwt })).my_user
-}
diff --git a/src/routes/profile/(local_user)/password/+page.svelte b/src/routes/profile/(local_user)/password/+page.svelte
new file mode 100644
index 00000000..37723bbf
--- /dev/null
+++ b/src/routes/profile/(local_user)/password/+page.svelte
@@ -0,0 +1,55 @@
+<script lang="ts">
+  import { profile, setUser, setUserID, updateJwt } from '$lib/auth.js'
+  import { getClient } from '$lib/lemmy.js'
+  import { trycatch } from '$lib/util.js'
+  import { Button, TextInput, toast } from 'mono-svelte'
+
+  let oldPassword = '',
+    newPassword = '',
+    newPasswordVerify = ''
+
+  async function submit() {
+    const res = await trycatch(async () => {
+      if (!$profile?.jwt) return
+      const res = await getClient().changePassword({
+        auth: $profile?.jwt,
+        new_password: newPassword,
+        new_password_verify: newPasswordVerify,
+        old_password: oldPassword,
+      })
+      if (res?.jwt) {
+        updateJwt($profile.id, res.jwt)
+        await setUserID($profile.id)
+
+        toast({ content: 'Your login was refreshed.', type: 'success' })
+      } else {
+        throw new Error('Invalid credentials')
+      }
+    })
+
+    if (res) toast({ content: 'Successfully changed your password. ' })
+  }
+</script>
+
+<h1 class="font-bold text-3xl">Change Password</h1>
+<form on:submit|preventDefault={submit} class="max-w-sm flex flex-col gap-4">
+  <TextInput
+    bind:value={oldPassword}
+    label="Current Password"
+    type="password"
+    required
+  />
+  <TextInput
+    bind:value={newPassword}
+    label="New Password"
+    type="password"
+    required
+  />
+  <TextInput
+    bind:value={newPasswordVerify}
+    label="New Password (Verify)"
+    type="password"
+    required
+  />
+  <Button size="lg" color="primary" submit>Submit</Button>
+</form>
diff --git a/src/routes/profile/(local_user)/settings/+page.svelte b/src/routes/profile/(local_user)/settings/+page.svelte
index 767ec9da..c0055256 100644
--- a/src/routes/profile/(local_user)/settings/+page.svelte
+++ b/src/routes/profile/(local_user)/settings/+page.svelte
@@ -11,8 +11,8 @@
   export let data
 
   let formData: Omit<SaveUserSettings, 'auth'> | undefined = {
-    ...data.local_user_view?.local_user,
-    ...data.local_user_view?.person,
+    ...data.my_user?.local_user_view?.local_user,
+    ...data.my_user?.local_user_view?.person,
   }
 
   let profileImage: FileList | undefined
@@ -150,7 +150,7 @@
 
 <form class="flex flex-col gap-4 h-full" on:submit|preventDefault={save}>
   <h1 class="font-bold text-2xl">User settings</h1>
-  {#if data.local_user_view?.local_user && formData}
+  {#if data.my_user?.local_user_view?.local_user && formData}
     <TextInput
       label="Display name"
       bind:value={formData.display_name}
diff --git a/src/routes/profile/+layout.svelte b/src/routes/profile/+layout.svelte
index afdf8033..d37518f0 100644
--- a/src/routes/profile/+layout.svelte
+++ b/src/routes/profile/+layout.svelte
@@ -12,8 +12,13 @@
 <div class="flex flex-col gap-4 h-full">
   <MultiSelect
     headless
-    options={['/profile/user', '/profile/settings', '/profile/blocks']}
-    optionNames={['User', 'Settings', 'Blocks']}
+    options={[
+      '/profile/user',
+      '/profile/settings',
+      '/profile/blocks',
+      '/profile/password',
+    ]}
+    optionNames={['User', 'Settings', 'Blocks', 'Password']}
     selected={$page.url.pathname}
     on:select={(e) => {
       goto(e.detail)
diff --git a/src/routes/profile/+layout.ts b/src/routes/profile/+layout.ts
index 8eb71dc4..62a317db 100644
--- a/src/routes/profile/+layout.ts
+++ b/src/routes/profile/+layout.ts
@@ -5,43 +5,12 @@ import type { SortType } from 'lemmy-js-client'
 import { get } from 'svelte/store'
 
 export async function load({ params, url, fetch }) {
-  const page = Number(url.searchParams.get('page')) || 1
-  const type: 'comments' | 'posts' | 'all' =
-    (url.searchParams.get('type') as 'comments' | 'posts' | 'all') || 'all'
-  const sort: SortType = (url.searchParams.get('sort') as SortType) || 'New'
-
-  const user = await getClient(undefined, fetch).getPersonDetails({
-    limit: 20,
-    page: page,
-    username: get(profile)!.user?.local_user_view.person.name,
-    sort: sort,
-    auth: get(profile)?.jwt,
-  })
-
-  const items = [...user.posts, ...user.comments]
-
-  if (sort == 'TopAll') {
-    items.sort(
-      (a, b) =>
-        b.counts.upvotes -
-        b.counts.downvotes -
-        (a.counts.upvotes - a.counts.downvotes)
-    )
-  } else if (sort == 'New') {
-    items.sort(
-      (a, b) =>
-        Date.parse(getItemPublished(b)) - Date.parse(getItemPublished(a))
-    )
-  }
+  const my_user = (await getClient().getSite({ auth: get(profile)?.jwt }))
+    .my_user
 
   return {
-    type: type,
-    page: page,
-    sort: sort,
-    user: {
-      person_view: user.person_view,
-      moderates: user.moderates,
-      submissions: items,
-    },
+    my_user: my_user,
+    community_blocks: my_user?.community_blocks,
+    person_blocks: my_user?.person_blocks,
   }
 }
diff --git a/src/routes/profile/user/+page.ts b/src/routes/profile/user/+page.ts
new file mode 100644
index 00000000..976e52cf
--- /dev/null
+++ b/src/routes/profile/user/+page.ts
@@ -0,0 +1,49 @@
+import { profile } from '$lib/auth.js'
+import { getClient } from '$lib/lemmy.js'
+import { getItemPublished } from '$lib/lemmy/item.js'
+import type { SortType } from 'lemmy-js-client'
+import { get } from 'svelte/store'
+
+export async function load({ url, fetch, parent }) {
+  const page = Number(url.searchParams.get('page')) || 1
+  const type: 'comments' | 'posts' | 'all' =
+    (url.searchParams.get('type') as 'comments' | 'posts' | 'all') || 'all'
+  const sort: SortType = (url.searchParams.get('sort') as SortType) || 'New'
+
+  const { my_user } = await parent()
+
+  const user = await getClient(undefined, fetch).getPersonDetails({
+    limit: 20,
+    page: page,
+    username: my_user?.local_user_view.person.name,
+    sort: sort,
+    auth: get(profile)?.jwt,
+  })
+
+  const items = [...user.posts, ...user.comments]
+
+  if (sort == 'TopAll') {
+    items.sort(
+      (a, b) =>
+        b.counts.upvotes -
+        b.counts.downvotes -
+        (a.counts.upvotes - a.counts.downvotes)
+    )
+  } else if (sort == 'New') {
+    items.sort(
+      (a, b) =>
+        Date.parse(getItemPublished(b)) - Date.parse(getItemPublished(a))
+    )
+  }
+
+  return {
+    type: type,
+    page: page,
+    sort: sort,
+    user: {
+      submissions: items,
+      moderates: user.moderates,
+      person_view: user.person_view,
+    },
+  }
+}
diff --git a/src/routes/saved/+page.svelte b/src/routes/saved/+page.svelte
index cfa1551a..44765456 100644
--- a/src/routes/saved/+page.svelte
+++ b/src/routes/saved/+page.svelte
@@ -18,7 +18,7 @@
   <title>Saved</title>
 </svelte:head>
 
-<h1 class="text-2xl font-bold">Saved</h1>
+<h1 class="text-3xl font-bold">Saved</h1>
 <div
   class="flex flex-col list-none my-4 divide-slate-200 dark:divide-zinc-800"
   class:gap-4={$userSettings.view == 'card'}
diff --git a/src/routes/search/+page.svelte b/src/routes/search/+page.svelte
index 3d1320e0..08e9bb6b 100644
--- a/src/routes/search/+page.svelte
+++ b/src/routes/search/+page.svelte
@@ -45,7 +45,7 @@
   <title>Search</title>
 </svelte:head>
 
-<h1 class="font-bold text-2xl">Search</h1>
+<h1 class="font-bold text-3xl">Search</h1>
 <div class="flex flex-row flex-wrap sm:justify-between items-center gap-4 mt-4">
   <Select
     bind:value={data.type}

From ac147086f12eaa5efee4fdb702d81f994ec9ec95 Mon Sep 17 00:00:00 2001
From: Xyphyn <james@xylight.dev>
Date: Tue, 26 Sep 2023 18:35:51 -0700
Subject: [PATCH 4/5] fix: make password changing actually work

---
 src/lib/auth.ts                                 | 13 -------------
 src/routes/admin/config/+page.svelte            | 10 ++++++++++
 src/routes/login/+page.svelte                   |  3 +--
 .../profile/(local_user)/password/+page.svelte  | 17 +++++++++++++----
 4 files changed, 24 insertions(+), 19 deletions(-)

diff --git a/src/lib/auth.ts b/src/lib/auth.ts
index 34fab3c4..5e824d6e 100644
--- a/src/lib/auth.ts
+++ b/src/lib/auth.ts
@@ -227,19 +227,6 @@ instance.subscribe(async (i) => {
   } catch (e) {}
 })
 
-export function updateJwt(id: number, newJwt: string) {
-  const pd = get(profileData)
-  let prof = pd.profiles.find((p) => p.id == id)
-
-  if (!prof) return
-  prof = serializeUser(prof)
-  prof.jwt = newJwt
-
-  profileData.update((p) => ({ ...p, profile: id }))
-
-  profile.update(() => prof)
-}
-
 export async function setUserID(id: number) {
   const pd = get(profileData)
   if (id == -1) {
diff --git a/src/routes/admin/config/+page.svelte b/src/routes/admin/config/+page.svelte
index 920d7e82..dc293a15 100644
--- a/src/routes/admin/config/+page.svelte
+++ b/src/routes/admin/config/+page.svelte
@@ -128,6 +128,16 @@
     <Checkbox bind:checked={formData.federation_enabled} defaultValue={true}>
       Federation enabled
     </Checkbox>
+    <Checkbox bind:checked={formData.federation_debug} defaultValue={false}>
+      Federation debug mode
+    </Checkbox>
+    <Checkbox bind:checked={formData.captcha_enabled} defaultValue={false}>
+      Captcha enabled
+    </Checkbox>
+    {#if formData.captcha_enabled}
+      {console.log(formData.captcha_difficulty)}
+      <Select bind:value={formData.captcha_difficulty} />
+    {/if}
   {/if}
   <Button color="primary" size="lg" loading={saving} disabled={saving} submit>
     Save
diff --git a/src/routes/login/+page.svelte b/src/routes/login/+page.svelte
index 8b0ffce2..e0363ea9 100644
--- a/src/routes/login/+page.svelte
+++ b/src/routes/login/+page.svelte
@@ -1,8 +1,7 @@
 <script lang="ts">
   import { goto } from '$app/navigation'
   import { setUser } from '$lib/auth.js'
-  import Link from '$lib/components/input/Link.svelte'
-  import { Material, toast } from 'mono-svelte'
+  import { toast } from 'mono-svelte'
   import { DEFAULT_INSTANCE_URL, LINKED_INSTANCE_URL } from '$lib/instance.js'
   import { getClient, validateInstance } from '$lib/lemmy.js'
   import { Button, TextInput } from 'mono-svelte'
diff --git a/src/routes/profile/(local_user)/password/+page.svelte b/src/routes/profile/(local_user)/password/+page.svelte
index 37723bbf..3e225c33 100644
--- a/src/routes/profile/(local_user)/password/+page.svelte
+++ b/src/routes/profile/(local_user)/password/+page.svelte
@@ -1,14 +1,17 @@
 <script lang="ts">
-  import { profile, setUser, setUserID, updateJwt } from '$lib/auth.js'
+  import { deleteProfile, profile, setUser } from '$lib/auth.js'
   import { getClient } from '$lib/lemmy.js'
   import { trycatch } from '$lib/util.js'
   import { Button, TextInput, toast } from 'mono-svelte'
+  import { instance as currentInstance } from '$lib/instance.js'
 
   let oldPassword = '',
     newPassword = '',
     newPasswordVerify = ''
+  let loading = false
 
   async function submit() {
+    loading = true
     const res = await trycatch(async () => {
       if (!$profile?.jwt) return
       const res = await getClient().changePassword({
@@ -18,8 +21,10 @@
         old_password: oldPassword,
       })
       if (res?.jwt) {
-        updateJwt($profile.id, res.jwt)
-        await setUserID($profile.id)
+        const { instance, username } = $profile
+        deleteProfile($profile.id)
+        await setUser(res.jwt, instance, username!)
+        $currentInstance = instance
 
         toast({ content: 'Your login was refreshed.', type: 'success' })
       } else {
@@ -28,6 +33,8 @@
     })
 
     if (res) toast({ content: 'Successfully changed your password. ' })
+
+    loading = false
   }
 </script>
 
@@ -51,5 +58,7 @@
     type="password"
     required
   />
-  <Button size="lg" color="primary" submit>Submit</Button>
+  <Button size="lg" color="primary" submit {loading} disabled={loading}>
+    Submit
+  </Button>
 </form>

From cec0bbc132f212c1ae55a3ea33d2ac080cce0af5 Mon Sep 17 00:00:00 2001
From: Xyphyn <james@xylight.dev>
Date: Tue, 26 Sep 2023 18:53:13 -0700
Subject: [PATCH 5/5] misc: fix logging in even when email isn't verified

---
 package.json                              |  2 +-
 src/routes/signup/[instance]/+page.svelte | 17 ++++++++++++-----
 2 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/package.json b/package.json
index a6a69429..66efa0bf 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "photon-lemmy",
-  "version": "1.12.2",
+  "version": "1.13.0",
   "private": true,
   "scripts": {
     "dev": "vite dev",
diff --git a/src/routes/signup/[instance]/+page.svelte b/src/routes/signup/[instance]/+page.svelte
index 0da1eb36..cd0fb61e 100644
--- a/src/routes/signup/[instance]/+page.svelte
+++ b/src/routes/signup/[instance]/+page.svelte
@@ -19,6 +19,7 @@
     QuestionMarkCircle,
     XCircle,
   } from 'svelte-hero-icons'
+  import { instance as currentInstance } from '$lib/instance.js'
 
   export let data
 
@@ -63,19 +64,25 @@
       })
 
       toast({
-        content: `Signed up.${
-          res.verify_email_sent ? ' A verification email was sent.' : ''
-        }`,
+        content: 'Signed up.',
         type: 'success',
       })
 
-      if (res?.jwt) {
+      if (res?.jwt && res.verify_email_sent) {
         await setUser(res.jwt, $page.params.instance, username)
 
         toast({ content: 'Successfully logged in.', type: 'success' })
         goto('/')
+      } else if (res.verify_email_sent) {
+        currentInstance.set(instance)
+        toast({
+          content:
+            'A verification link was sent to your email. Verify your email, and then you can log in.',
+          type: 'info',
+        })
+        goto('/')
       } else {
-        throw new Error('Invalid credentials')
+        throw new Error('Failed to sign up.')
       }
     } catch (err) {
       toast({