Upgraded to 1.1.0

1.1.0 (2025-10-09) - **User Notifications System** - In-app notification center with 7 notification types, filtering, pagination - **Advanced Session Management** - Database-backed sessions with geolocation (country, city, ISP) - **Remote Session Control** - Terminate any device instantly with immediate logout validation - **Enhanced Profile Page** - Sidebar navigation with 4 tabs, hash-based routing (#profile, #security, #sessions) - **MVC Architecture Refactoring** - 3 new Helpers (Layout, Domain, Session), ~265 lines cleaned from views - **Geolocation Tracking** - IP-based location detection using ip-api.com, country flags with flag-icons - **Device Detection** - Browser & device type parsing (Chrome/Firefox/Safari, Desktop/Mobile/Tablet) - **Auto-Detected Cron Paths** - Settings show actual installation paths (thanks @jadeops) - **Welcome Notifications** - Sent to new users on registration or fresh install - **Upgrade Notifications** - Admins notified on system updates with version & migration count - **Web-Based Installer** - Replaces CLI, auto-generates encryption key, one-time password display - **Web-Based Updater** - `/install/update` for running new migrations with smart detection - **User Registration** - Full signup flow with email verification, password reset, resend verification - **User Management** - CRUD for users with filtering, sorting, pagination (admin-only) - **Remember Me** - 30-day secure tokens linked to sessions, cascade deletion on logout - **Session Validator** - Middleware validates sessions on every request for instant remote logout - **Consistent UI/UX** - Unified filtering, sorting, pagination across Domains, Users, Notifications, TLD Registry - **Smart Migrations** - Consolidated schema for fresh installs, incremental for upgrades - **XSS Protection** - htmlspecialchars() applied across all user-facing data (thanks @jadeops)
2025-10-09 18:02:46 +03:00
parent adc28b97f0
commit e5b9599755
61 changed files with 6838 additions and 812 deletions
--- a/app/Views/auth/base-auth.php
+++ b/app/Views/auth/base-auth.php
@@ -0,0 +1,56 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title><?= $title ?? 'Authentication' ?> - Domain Monitor</title>
+    
+    <!-- Tailwind CSS -->
+    <script src="https://cdn.tailwindcss.com"></script>
+    
+    <!-- Font Awesome -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css" crossorigin="anonymous" referrerpolicy="no-referrer" />
+    
+    <script>
+        tailwind.config = {
+            theme: {
+                extend: {
+                    colors: {
+                        primary: {
+                            DEFAULT: '#4A90E2',
+                            dark: '#357ABD',
+                            light: '#6BA3E8',
+                        }
+                    }
+                }
+            }
+        }
+    </script>
+    
+    <style>
+        body {
+            background-color: #f8f9fa;
+        }
+    </style>
+</head>
+<body class="min-h-screen flex items-center justify-center p-4">
+    <div class="max-w-md w-full">
+        <!-- Auth Card -->
+        <div class="bg-white rounded-lg shadow-sm border border-gray-200 p-8">
+            <?= $content ?>
+        </div>
+
+        <!-- Footer -->
+        <div class="text-center mt-6">
+            <p class="text-gray-500 text-xs">
+                © <?= date('Y') ?> Domain Monitor. All rights reserved.
+            </p>
+        </div>
+    </div>
+
+    <?php if (isset($scripts)): ?>
+        <?= $scripts ?>
+    <?php endif; ?>
+</body>
+</html>
+
--- a/app/Views/auth/forgot-password.php
+++ b/app/Views/auth/forgot-password.php
@@ -0,0 +1,79 @@
+<?php
+$title = 'Forgot Password';
+ob_start();
+?>
+
+<!-- Logo and Title -->
+<div class="text-center mb-8">
+    <div class="inline-flex items-center justify-center w-14 h-14 bg-primary rounded-lg mb-4">
+        <i class="fas fa-key text-white text-2xl"></i>
+    </div>
+    <h1 class="text-2xl font-semibold text-gray-900 mb-1">Forgot Password?</h1>
+    <p class="text-sm text-gray-500">No worries, we'll send you reset instructions</p>
+</div>
+
+<!-- Error/Success Alert -->
+<?php if (isset($_SESSION['error'])): ?>
+    <div class="mb-6 bg-red-50 border border-red-200 p-3 rounded-lg">
+        <div class="flex items-center">
+            <i class="fas fa-exclamation-circle text-red-500 mr-2"></i>
+            <span class="text-sm text-red-700"><?= htmlspecialchars($_SESSION['error']) ?></span>
+        </div>
+    </div>
+    <?php unset($_SESSION['error']); ?>
+<?php endif; ?>
+
+<?php if (isset($_SESSION['success'])): ?>
+    <div class="mb-6 bg-green-50 border border-green-200 p-3 rounded-lg">
+        <div class="flex items-center">
+            <i class="fas fa-check-circle text-green-500 mr-2"></i>
+            <span class="text-sm text-green-700"><?= htmlspecialchars($_SESSION['success']) ?></span>
+        </div>
+    </div>
+    <?php unset($_SESSION['success']); ?>
+<?php endif; ?>
+
+<!-- Forgot Password Form -->
+<form method="POST" action="/forgot-password" class="space-y-5">
+    <!-- Email Field -->
+    <div>
+        <label for="email" class="block text-sm font-medium text-gray-700 mb-1.5">
+            Email Address
+        </label>
+        <div class="relative">
+            <div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
+                <i class="fas fa-envelope text-gray-400 text-sm"></i>
+            </div>
+            <input 
+                type="email" 
+                id="email" 
+                name="email" 
+                required 
+                autofocus
+                class="w-full pl-10 pr-3 py-2.5 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-primary transition-colors text-sm"
+                placeholder="Enter your email address">
+        </div>
+        <p class="text-xs text-gray-500 mt-1">Enter the email associated with your account</p>
+    </div>
+
+    <!-- Submit Button -->
+    <button 
+        type="submit" 
+        class="w-full bg-primary hover:bg-primary-dark text-white py-2.5 rounded-lg font-medium transition-colors duration-200 flex items-center justify-center text-sm">
+        <i class="fas fa-paper-plane mr-2"></i>
+        Send Reset Link
+    </button>
+</form>
+
+<!-- Back to Login Link -->
+<div class="text-center mt-6 pt-6 border-t border-gray-200">
+    <a href="/login" class="inline-flex items-center text-sm text-gray-600 hover:text-gray-800">
+        <i class="fas fa-arrow-left mr-2"></i>
+        Back to Login
+    </a>
+</div>
+
+<?php
+$content = ob_get_clean();
+require __DIR__ . '/base-auth.php';
+?>
--- a/app/Views/auth/login.php
+++ b/app/Views/auth/login.php
@@ -1,156 +1,130 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Login - Domain Monitor</title>
-    
-    <!-- Tailwind CSS -->
-    <script src="https://cdn.tailwindcss.com"></script>
-    
-    <!-- Font Awesome -->
-    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css" crossorigin="anonymous" referrerpolicy="no-referrer" />
-    
-    <script>
-        tailwind.config = {
-            theme: {
-                extend: {
-                    colors: {
-                        primary: {
-                            DEFAULT: '#4A90E2',
-                            dark: '#357ABD',
-                            light: '#6BA3E8',
-                        }
-                    }
-                }
-            }
-        }
-    </script>
-    
-    <style>
-        body {
-            background-color: #f8f9fa;
-        }
-    </style>
-</head>
-<body class="min-h-screen flex items-center justify-center p-4">
-    <div class="max-w-md w-full">
-        <!-- Login Card -->
-        <div class="bg-white rounded-lg shadow-sm border border-gray-200 p-8">
-            <!-- Logo and Title -->
-            <div class="text-center mb-8">
-                <div class="inline-flex items-center justify-center w-14 h-14 bg-primary rounded-lg mb-4">
-                    <i class="fas fa-globe text-white text-2xl"></i>
-                </div>
-                <h1 class="text-2xl font-semibold text-gray-900 mb-1">Welcome Back</h1>
-                <p class="text-sm text-gray-500">Sign in to access your account</p>
-            </div>
+<?php
+$title = 'Login';
+ob_start();
+?>

-            <!-- Error Alert -->
-            <?php if (isset($_SESSION['error'])): ?>
-                <div class="mb-6 bg-red-50 border border-red-200 p-3 rounded-lg">
-                    <div class="flex items-center">
-                        <i class="fas fa-exclamation-circle text-red-500 mr-2"></i>
-                        <span class="text-sm text-red-700"><?= htmlspecialchars($_SESSION['error']) ?></span>
-                    </div>
-                </div>
-                <?php unset($_SESSION['error']); ?>
-            <?php endif; ?>
+<!-- Logo and Title -->
+<div class="text-center mb-8">
+    <div class="inline-flex items-center justify-center w-14 h-14 bg-primary rounded-lg mb-4">
+        <i class="fas fa-globe text-white text-2xl"></i>
+    </div>
+    <h1 class="text-2xl font-semibold text-gray-900 mb-1">Welcome Back</h1>
+    <p class="text-sm text-gray-500">Sign in to access your account</p>
+</div>

-            <!-- Login Form -->
-            <form method="POST" action="/login" class="space-y-5">
-                <!-- Username Field -->
-                <div>
-                    <label for="username" class="block text-sm font-medium text-gray-700 mb-1.5">
-                        Username
-                    </label>
-                    <div class="relative">
-                        <div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
-                            <i class="fas fa-user text-gray-400 text-sm"></i>
-                        </div>
-                        <input 
-                            type="text" 
-                            id="username" 
-                            name="username" 
-                            required 
-                            autofocus
-                            class="w-full pl-10 pr-3 py-2.5 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-primary transition-colors text-sm"
-                            placeholder="Enter your username">
-                    </div>
-                </div>
-
-                <!-- Password Field -->
-                <div>
-                    <label for="password" class="block text-sm font-medium text-gray-700 mb-1.5">
-                        Password
-                    </label>
-                    <div class="relative">
-                        <div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
-                            <i class="fas fa-lock text-gray-400 text-sm"></i>
-                        </div>
-                        <input 
-                            type="password" 
-                            id="password" 
-                            name="password" 
-                            required
-                            class="w-full pl-10 pr-10 py-2.5 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-primary transition-colors text-sm"
-                            placeholder="Enter your password">
-                        <button 
-                            type="button" 
-                            onclick="togglePassword()"
-                            class="absolute right-3 top-1/2 transform -translate-y-1/2 text-gray-400 hover:text-gray-600 focus:outline-none">
-                            <i class="fas fa-eye text-sm" id="toggleIcon"></i>
-                        </button>
-                    </div>
-                </div>
-
-                <!-- Remember Me -->
-                <div class="flex items-center justify-between">
-                    <label class="flex items-center cursor-pointer">
-                        <input 
-                            type="checkbox" 
-                            name="remember" 
-                            class="w-4 h-4 text-primary border-gray-300 rounded focus:ring-primary">
-                        <span class="ml-2 text-sm text-gray-600">Remember me</span>
-                    </label>
-                    <a href="#" class="text-sm text-primary hover:text-primary-dark">
-                        Forgot password?
-                    </a>
-                </div>
-
-                <!-- Submit Button -->
-                <button 
-                    type="submit" 
-                    class="w-full bg-primary hover:bg-primary-dark text-white py-2.5 rounded-lg font-medium transition-colors duration-200 flex items-center justify-center text-sm">
-                    <i class="fas fa-sign-in-alt mr-2"></i>
-                    Sign In
-                </button>
-            </form>
+<!-- Error Alert -->
+<?php if (isset($_SESSION['error'])): ?>
+    <div class="mb-6 bg-red-50 border border-red-200 p-3 rounded-lg">
+        <div class="flex items-center">
+            <i class="fas fa-exclamation-circle text-red-500 mr-2"></i>
+            <span class="text-sm text-red-700"><?= htmlspecialchars($_SESSION['error']) ?></span>
        </div>
+    </div>
+    <?php unset($_SESSION['error']); ?>
+<?php endif; ?>

-        <!-- Footer -->
-        <div class="text-center mt-6">
-            <p class="text-gray-500 text-xs">
-                © <?= date('Y') ?> Domain Monitor. All rights reserved.
-            </p>
+<!-- Login Form -->
+<form method="POST" action="/login" class="space-y-5">
+    <!-- Username Field -->
+    <div>
+        <label for="username" class="block text-sm font-medium text-gray-700 mb-1.5">
+            Username
+        </label>
+        <div class="relative">
+            <div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
+                <i class="fas fa-user text-gray-400 text-sm"></i>
+            </div>
+            <input 
+                type="text" 
+                id="username" 
+                name="username" 
+                required 
+                autofocus
+                class="w-full pl-10 pr-3 py-2.5 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-primary transition-colors text-sm"
+                placeholder="Enter your username">
        </div>
    </div>

-    <script>
-        function togglePassword() {
-            const passwordInput = document.getElementById('password');
-            const toggleIcon = document.getElementById('toggleIcon');
-            
-            if (passwordInput.type === 'password') {
-                passwordInput.type = 'text';
-                toggleIcon.classList.remove('fa-eye');
-                toggleIcon.classList.add('fa-eye-slash');
-            } else {
-                passwordInput.type = 'password';
-                toggleIcon.classList.remove('fa-eye-slash');
-                toggleIcon.classList.add('fa-eye');
-            }
+    <!-- Password Field -->
+    <div>
+        <label for="password" class="block text-sm font-medium text-gray-700 mb-1.5">
+            Password
+        </label>
+        <div class="relative">
+            <div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
+                <i class="fas fa-lock text-gray-400 text-sm"></i>
+            </div>
+            <input 
+                type="password" 
+                id="password" 
+                name="password" 
+                required
+                class="w-full pl-10 pr-10 py-2.5 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-primary transition-colors text-sm"
+                placeholder="Enter your password">
+            <button 
+                type="button" 
+                onclick="togglePassword()"
+                class="absolute right-3 top-1/2 transform -translate-y-1/2 text-gray-400 hover:text-gray-600 focus:outline-none">
+                <i class="fas fa-eye text-sm" id="toggleIcon"></i>
+            </button>
+        </div>
+    </div>
+
+    <!-- Remember Me -->
+    <div class="flex items-center justify-between">
+        <label class="flex items-center cursor-pointer">
+            <input 
+                type="checkbox" 
+                name="remember"
+                value="1"
+                class="w-4 h-4 text-primary border-gray-300 rounded focus:ring-primary">
+            <span class="ml-2 text-sm text-gray-600">Remember me</span>
+        </label>
+        <a href="/forgot-password" class="text-sm text-primary hover:text-primary-dark">
+            Forgot password?
+        </a>
+    </div>
+
+    <!-- Submit Button -->
+    <button 
+        type="submit" 
+        class="w-full bg-primary hover:bg-primary-dark text-white py-2.5 rounded-lg font-medium transition-colors duration-200 flex items-center justify-center text-sm">
+        <i class="fas fa-sign-in-alt mr-2"></i>
+        Sign In
+    </button>
+</form>
+
+<?php if ($registrationEnabled ?? false): ?>
+<!-- Sign Up Link -->
+<div class="text-center mt-6 pt-6 border-t border-gray-200">
+    <p class="text-sm text-gray-600">
+        Don't have an account? 
+        <a href="/register" class="text-primary hover:text-primary-dark font-medium">
+            Create Account
+        </a>
+    </p>
+</div>
+<?php endif; ?>
+
+<?php
+$content = ob_get_clean();
+$scripts = <<<'SCRIPT'
+<script>
+    function togglePassword() {
+        const passwordInput = document.getElementById('password');
+        const toggleIcon = document.getElementById('toggleIcon');
+        
+        if (passwordInput.type === 'password') {
+            passwordInput.type = 'text';
+            toggleIcon.classList.remove('fa-eye');
+            toggleIcon.classList.add('fa-eye-slash');
+        } else {
+            passwordInput.type = 'password';
+            toggleIcon.classList.remove('fa-eye-slash');
+            toggleIcon.classList.add('fa-eye');
        }
-    </script>
-</body>
-</html>
+    }
+</script>
+SCRIPT;
+require __DIR__ . '/base-auth.php';
+?>
--- a/app/Views/auth/register.php
+++ b/app/Views/auth/register.php
@@ -0,0 +1,217 @@
+<?php
+$title = 'Register';
+ob_start();
+?>
+
+<!-- Logo and Title -->
+<div class="text-center mb-8">
+    <div class="inline-flex items-center justify-center w-14 h-14 bg-primary rounded-lg mb-4">
+        <i class="fas fa-user-plus text-white text-2xl"></i>
+    </div>
+    <h1 class="text-2xl font-semibold text-gray-900 mb-1">Create Account</h1>
+    <p class="text-sm text-gray-500">Join Domain Monitor today</p>
+</div>
+
+<!-- Error/Success Alert -->
+<?php if (isset($_SESSION['error'])): ?>
+    <div class="mb-6 bg-red-50 border border-red-200 p-3 rounded-lg">
+        <div class="flex items-center">
+            <i class="fas fa-exclamation-circle text-red-500 mr-2"></i>
+            <span class="text-sm text-red-700"><?= htmlspecialchars($_SESSION['error']) ?></span>
+        </div>
+    </div>
+    <?php unset($_SESSION['error']); ?>
+<?php endif; ?>
+
+<?php if (isset($_SESSION['success'])): ?>
+    <div class="mb-6 bg-green-50 border border-green-200 p-3 rounded-lg">
+        <div class="flex items-center">
+            <i class="fas fa-check-circle text-green-500 mr-2"></i>
+            <span class="text-sm text-green-700"><?= htmlspecialchars($_SESSION['success']) ?></span>
+        </div>
+    </div>
+    <?php unset($_SESSION['success']); ?>
+<?php endif; ?>
+
+<!-- Registration Form -->
+<form method="POST" action="/register" class="space-y-4">
+    <!-- Full Name Field -->
+    <div>
+        <label for="full_name" class="block text-sm font-medium text-gray-700 mb-1.5">
+            Full Name
+        </label>
+        <div class="relative">
+            <div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
+                <i class="fas fa-user text-gray-400 text-sm"></i>
+            </div>
+            <input 
+                type="text" 
+                id="full_name" 
+                name="full_name" 
+                required 
+                autofocus
+                class="w-full pl-10 pr-3 py-2.5 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-primary transition-colors text-sm"
+                placeholder="Enter your full name">
+        </div>
+    </div>
+
+    <!-- Username Field -->
+    <div>
+        <label for="username" class="block text-sm font-medium text-gray-700 mb-1.5">
+            Username
+        </label>
+        <div class="relative">
+            <div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
+                <i class="fas fa-at text-gray-400 text-sm"></i>
+            </div>
+            <input 
+                type="text" 
+                id="username" 
+                name="username" 
+                required
+                pattern="[a-zA-Z0-9_]+"
+                class="w-full pl-10 pr-3 py-2.5 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-primary transition-colors text-sm"
+                placeholder="Choose a username">
+        </div>
+        <p class="text-xs text-gray-500 mt-1">Letters, numbers, and underscores only</p>
+    </div>
+
+    <!-- Email Field -->
+    <div>
+        <label for="email" class="block text-sm font-medium text-gray-700 mb-1.5">
+            Email Address
+        </label>
+        <div class="relative">
+            <div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
+                <i class="fas fa-envelope text-gray-400 text-sm"></i>
+            </div>
+            <input 
+                type="email" 
+                id="email" 
+                name="email" 
+                required
+                class="w-full pl-10 pr-3 py-2.5 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-primary transition-colors text-sm"
+                placeholder="your.email@example.com">
+        </div>
+    </div>
+
+    <!-- Password Field -->
+    <div>
+        <label for="password" class="block text-sm font-medium text-gray-700 mb-1.5">
+            Password
+        </label>
+        <div class="relative">
+            <div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
+                <i class="fas fa-lock text-gray-400 text-sm"></i>
+            </div>
+            <input 
+                type="password" 
+                id="password" 
+                name="password" 
+                required
+                minlength="8"
+                class="w-full pl-10 pr-10 py-2.5 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-primary transition-colors text-sm"
+                placeholder="Create a strong password">
+            <button 
+                type="button" 
+                onclick="togglePassword('password')"
+                class="absolute right-3 top-1/2 transform -translate-y-1/2 text-gray-400 hover:text-gray-600 focus:outline-none">
+                <i class="fas fa-eye text-sm" id="toggleIcon-password"></i>
+            </button>
+        </div>
+        <p class="text-xs text-gray-500 mt-1">Minimum 8 characters</p>
+    </div>
+
+    <!-- Confirm Password Field -->
+    <div>
+        <label for="password_confirm" class="block text-sm font-medium text-gray-700 mb-1.5">
+            Confirm Password
+        </label>
+        <div class="relative">
+            <div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
+                <i class="fas fa-lock text-gray-400 text-sm"></i>
+            </div>
+            <input 
+                type="password" 
+                id="password_confirm" 
+                name="password_confirm" 
+                required
+                minlength="8"
+                class="w-full pl-10 pr-10 py-2.5 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-primary transition-colors text-sm"
+                placeholder="Re-enter your password">
+            <button 
+                type="button" 
+                onclick="togglePassword('password_confirm')"
+                class="absolute right-3 top-1/2 transform -translate-y-1/2 text-gray-400 hover:text-gray-600 focus:outline-none">
+                <i class="fas fa-eye text-sm" id="toggleIcon-password_confirm"></i>
+            </button>
+        </div>
+    </div>
+
+    <!-- Terms Checkbox -->
+    <div class="flex items-start pt-2">
+        <div class="flex items-center h-5">
+            <input 
+                type="checkbox" 
+                id="terms" 
+                name="terms"
+                required 
+                class="w-4 h-4 text-primary border-gray-300 rounded focus:ring-primary">
+        </div>
+        <label for="terms" class="ml-2 text-xs text-gray-600">
+            I agree to the Terms of Service and Privacy Policy
+        </label>
+    </div>
+
+    <!-- Submit Button -->
+    <button 
+        type="submit" 
+        class="w-full bg-primary hover:bg-primary-dark text-white py-2.5 rounded-lg font-medium transition-colors duration-200 flex items-center justify-center text-sm mt-6">
+        <i class="fas fa-user-plus mr-2"></i>
+        Create Account
+    </button>
+</form>
+
+<!-- Sign In Link -->
+<div class="text-center mt-6 pt-6 border-t border-gray-200">
+    <p class="text-sm text-gray-600">
+        Already have an account? 
+        <a href="/login" class="text-primary hover:text-primary-dark font-medium">
+            Sign In
+        </a>
+    </p>
+</div>
+
+<?php
+$content = ob_get_clean();
+$scripts = <<<'SCRIPT'
+<script>
+    function togglePassword(fieldId) {
+        const passwordInput = document.getElementById(fieldId);
+        const toggleIcon = document.getElementById('toggleIcon-' + fieldId);
+        
+        if (passwordInput.type === 'password') {
+            passwordInput.type = 'text';
+            toggleIcon.classList.remove('fa-eye');
+            toggleIcon.classList.add('fa-eye-slash');
+        } else {
+            passwordInput.type = 'password';
+            toggleIcon.classList.remove('fa-eye-slash');
+            toggleIcon.classList.add('fa-eye');
+        }
+    }
+
+    // Client-side password match validation
+    document.querySelector('form').addEventListener('submit', function(e) {
+        const password = document.getElementById('password').value;
+        const passwordConfirm = document.getElementById('password_confirm').value;
+        
+        if (password !== passwordConfirm) {
+            e.preventDefault();
+            alert('Passwords do not match!');
+        }
+    });
+</script>
+SCRIPT;
+require __DIR__ . '/base-auth.php';
+?>
--- a/app/Views/auth/reset-password.php
+++ b/app/Views/auth/reset-password.php
@@ -0,0 +1,147 @@
+<?php
+$title = 'Reset Password';
+ob_start();
+?>
+
+<!-- Logo and Title -->
+<div class="text-center mb-8">
+    <div class="inline-flex items-center justify-center w-14 h-14 bg-primary rounded-lg mb-4">
+        <i class="fas fa-lock-open text-white text-2xl"></i>
+    </div>
+    <h1 class="text-2xl font-semibold text-gray-900 mb-1">Reset Password</h1>
+    <p class="text-sm text-gray-500">Enter your new password below</p>
+</div>
+
+<!-- Error/Success Alert -->
+<?php if (isset($_SESSION['error'])): ?>
+    <div class="mb-6 bg-red-50 border border-red-200 p-3 rounded-lg">
+        <div class="flex items-center">
+            <i class="fas fa-exclamation-circle text-red-500 mr-2"></i>
+            <span class="text-sm text-red-700"><?= htmlspecialchars($_SESSION['error']) ?></span>
+        </div>
+    </div>
+    <?php unset($_SESSION['error']); ?>
+<?php endif; ?>
+
+<!-- Reset Password Form -->
+<form method="POST" action="/reset-password" class="space-y-4">
+    <!-- Hidden token field -->
+    <input type="hidden" name="token" value="<?= htmlspecialchars($token ?? '') ?>">
+
+    <!-- Password Field -->
+    <div>
+        <label for="password" class="block text-sm font-medium text-gray-700 mb-1.5">
+            New Password
+        </label>
+        <div class="relative">
+            <div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
+                <i class="fas fa-lock text-gray-400 text-sm"></i>
+            </div>
+            <input 
+                type="password" 
+                id="password" 
+                name="password" 
+                required
+                minlength="8"
+                autofocus
+                class="w-full pl-10 pr-10 py-2.5 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-primary transition-colors text-sm"
+                placeholder="Enter new password">
+            <button 
+                type="button" 
+                onclick="togglePassword('password')"
+                class="absolute right-3 top-1/2 transform -translate-y-1/2 text-gray-400 hover:text-gray-600 focus:outline-none">
+                <i class="fas fa-eye text-sm" id="toggleIcon-password"></i>
+            </button>
+        </div>
+        <p class="text-xs text-gray-500 mt-1">Minimum 8 characters</p>
+    </div>
+
+    <!-- Confirm Password Field -->
+    <div>
+        <label for="password_confirm" class="block text-sm font-medium text-gray-700 mb-1.5">
+            Confirm New Password
+        </label>
+        <div class="relative">
+            <div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
+                <i class="fas fa-lock text-gray-400 text-sm"></i>
+            </div>
+            <input 
+                type="password" 
+                id="password_confirm" 
+                name="password_confirm" 
+                required
+                minlength="8"
+                class="w-full pl-10 pr-10 py-2.5 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-primary transition-colors text-sm"
+                placeholder="Re-enter new password">
+            <button 
+                type="button" 
+                onclick="togglePassword('password_confirm')"
+                class="absolute right-3 top-1/2 transform -translate-y-1/2 text-gray-400 hover:text-gray-600 focus:outline-none">
+                <i class="fas fa-eye text-sm" id="toggleIcon-password_confirm"></i>
+            </button>
+        </div>
+    </div>
+
+    <!-- Password Strength Indicator -->
+    <div class="bg-blue-50 border border-blue-200 rounded-lg p-3">
+        <p class="text-xs text-blue-800 mb-2">
+            <i class="fas fa-shield-alt mr-1"></i>
+            <strong>Password Requirements:</strong>
+        </p>
+        <ul class="text-xs text-blue-700 space-y-1 ml-5 list-disc">
+            <li>At least 8 characters long</li>
+            <li>Mix of uppercase and lowercase letters recommended</li>
+            <li>Include numbers and special characters for extra security</li>
+        </ul>
+    </div>
+
+    <!-- Submit Button -->
+    <button 
+        type="submit" 
+        class="w-full bg-primary hover:bg-primary-dark text-white py-2.5 rounded-lg font-medium transition-colors duration-200 flex items-center justify-center text-sm mt-6">
+        <i class="fas fa-check mr-2"></i>
+        Reset Password
+    </button>
+</form>
+
+<!-- Back to Login Link -->
+<div class="text-center mt-6 pt-6 border-t border-gray-200">
+    <a href="/login" class="inline-flex items-center text-sm text-gray-600 hover:text-gray-800">
+        <i class="fas fa-arrow-left mr-2"></i>
+        Back to Login
+    </a>
+</div>
+
+<?php
+$content = ob_get_clean();
+$scripts = <<<'SCRIPT'
+<script>
+    function togglePassword(fieldId) {
+        const passwordInput = document.getElementById(fieldId);
+        const toggleIcon = document.getElementById('toggleIcon-' + fieldId);
+        
+        if (passwordInput.type === 'password') {
+            passwordInput.type = 'text';
+            toggleIcon.classList.remove('fa-eye');
+            toggleIcon.classList.add('fa-eye-slash');
+        } else {
+            passwordInput.type = 'password';
+            toggleIcon.classList.remove('fa-eye-slash');
+            toggleIcon.classList.add('fa-eye');
+        }
+    }
+
+    // Client-side password match validation
+    document.querySelector('form').addEventListener('submit', function(e) {
+        const password = document.getElementById('password').value;
+        const passwordConfirm = document.getElementById('password_confirm').value;
+        
+        if (password !== passwordConfirm) {
+            e.preventDefault();
+            alert('Passwords do not match!');
+        }
+    });
+</script>
+SCRIPT;
+require __DIR__ . '/base-auth.php';
+?>
--- a/app/Views/auth/verify-email.php
+++ b/app/Views/auth/verify-email.php
@@ -0,0 +1,79 @@
+<?php
+$title = 'Verify Email';
+ob_start();
+?>
+
+<?php if ($verified ?? false): ?>
+    <!-- Success State -->
+    <div class="text-center">
+        <div class="inline-flex items-center justify-center w-16 h-16 bg-green-100 rounded-full mb-4">
+            <i class="fas fa-check-circle text-green-600 text-3xl"></i>
+        </div>
+        <h1 class="text-2xl font-semibold text-gray-900 mb-2">Email Verified!</h1>
+        <p class="text-gray-600 mb-6">Your email address has been successfully verified.</p>
+        
+        <a href="/login" class="inline-flex items-center px-6 py-2.5 bg-primary hover:bg-primary-dark text-white text-sm rounded-lg transition-colors font-medium">
+            <i class="fas fa-sign-in-alt mr-2"></i>
+            Sign In to Your Account
+        </a>
+    </div>
+<?php elseif ($error ?? false): ?>
+    <!-- Error State -->
+    <div class="text-center">
+        <div class="inline-flex items-center justify-center w-16 h-16 bg-red-100 rounded-full mb-4">
+            <i class="fas fa-times-circle text-red-600 text-3xl"></i>
+        </div>
+        <h1 class="text-2xl font-semibold text-gray-900 mb-2">Verification Failed</h1>
+        <p class="text-gray-600 mb-6"><?= htmlspecialchars($errorMessage ?? 'Invalid or expired verification link.') ?></p>
+        
+        <div class="space-y-2">
+            <a href="/login" class="block text-center px-6 py-2.5 bg-primary hover:bg-primary-dark text-white text-sm rounded-lg transition-colors font-medium">
+                <i class="fas fa-sign-in-alt mr-2"></i>
+                Go to Login
+            </a>
+            <a href="/resend-verification" class="block text-center px-6 py-2.5 bg-gray-100 hover:bg-gray-200 text-gray-700 text-sm rounded-lg transition-colors font-medium">
+                <i class="fas fa-redo mr-2"></i>
+                Resend Verification Email
+            </a>
+        </div>
+    </div>
+<?php else: ?>
+    <!-- Pending State -->
+    <div class="text-center">
+        <div class="inline-flex items-center justify-center w-16 h-16 bg-blue-100 rounded-full mb-4">
+            <i class="fas fa-envelope text-blue-600 text-3xl"></i>
+        </div>
+        <h1 class="text-2xl font-semibold text-gray-900 mb-2">Check Your Email</h1>
+        <p class="text-gray-600 mb-6">
+            We've sent a verification link to <strong><?= htmlspecialchars($email ?? 'your email') ?></strong>. 
+            Please check your inbox and click the link to verify your account.
+        </p>
+        
+        <div class="bg-blue-50 border border-blue-200 rounded-lg p-4 mb-6 text-left">
+            <p class="text-sm text-blue-800 mb-2">
+                <i class="fas fa-info-circle mr-1"></i>
+                <strong>Didn't receive the email?</strong>
+            </p>
+            <ul class="text-xs text-blue-700 space-y-1 ml-5 list-disc">
+                <li>Check your spam or junk folder</li>
+                <li>Make sure you entered the correct email address</li>
+                <li>Wait a few minutes for the email to arrive</li>
+            </ul>
+        </div>
+        
+        <div class="space-y-2">
+            <a href="/resend-verification" class="block text-center px-6 py-2.5 bg-primary hover:bg-primary-dark text-white text-sm rounded-lg transition-colors font-medium">
+                <i class="fas fa-redo mr-2"></i>
+                Resend Verification Email
+            </a>
+            <a href="/login" class="block text-center text-sm text-gray-600 hover:text-gray-800">
+                Back to Login
+            </a>
+        </div>
+    </div>
+<?php endif; ?>
+
+<?php
+$content = ob_get_clean();
+require __DIR__ . '/base-auth.php';
+?>