vinceh121 · vinceh121 · Jan 11, 2026 · Jan 11, 2026 · Jan 11, 2026 · Jan 11, 2026
diff --git a/gmcserver-email/password-reset.mjml b/gmcserver-email/password-reset.mjml
@@ -0,0 +1,40 @@
+<!--
+	GMCServer, lightweight service to log, analyze and proxy Geiger counter data.
+	Copyright (C) 2020 Vincent Hyvert
+
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU Affero General Public as published by
+	the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU Affero General Public for more details.
+
+	You should have received a copy of the GNU Affero General Public
+	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+-->
+
+<mjml>
+    <mj-include path="./fragments/head.mjml"/>
+    <mj-body>
+        <mj-include path="./fragments/header.mjml"/>
+        <mj-section background-color="#424242" border-radius="4px">
+            <mj-column>
+                <mj-text>
+                    <h2>
+                        Password reset
+                    </h2>
+                    Click on the following link to reset the password of your account.<br/>
+                </mj-text>
+                <mj-button
+                        href="https://{{instance/host}}/password-reset/confirm?token={{token}}"
+                >
+                    Reset my password
+                </mj-button>
+            </mj-column>
+        </mj-section>
+        <mj-include path="./fragments/footer.mjml"/>
+    </mj-body>
+</mjml>
diff --git a/gmcserver-email/pnpm-lock.yaml b/gmcserver-email/pnpm-lock.yaml
diff --git a/gmcserver-server/pom.xml b/gmcserver-server/pom.xml
@@ -37,7 +37,7 @@
 		<gmc.config.path>./config.properties</gmc.config.path>
 		<gmc.vertx.config.path>./vertx.json</gmc.vertx.config.path>
 		<gmc.vertx.mail.config.path>./mail.json</gmc.vertx.mail.config.path>
-		<gmc.vertx.mail.templates.path>./gmcserver-email/out/</gmc.vertx.mail.templates.path>
+		<gmc.vertx.mail.templates.path>../gmcserver-email/out/</gmc.vertx.mail.templates.path>
 
 		<vertx.version>4.3.8</vertx.version>
 	</properties>
@@ -55,6 +55,11 @@
 			<artifactId>vertx-web</artifactId>
 			<version>${vertx.version}</version>
 		</dependency>
+		<dependency>
+			<groupId>io.netty</groupId>
+			<artifactId>netty-codec</artifactId>
+			<version>4.1.87.Final</version>
+		</dependency>
 		<dependency>
 			<groupId>io.vertx</groupId>
 			<artifactId>vertx-web-client</artifactId>

diff --git a/gmcserver-server/src/main/java/me/vinceh121/gmcserver/auth/InternalAuthenticator.java b/gmcserver-server/src/main/java/me/vinceh121/gmcserver/auth/InternalAuthenticator.java
@@ -18,13 +18,16 @@
 package me.vinceh121.gmcserver.auth;
 
 import com.mongodb.client.model.Filters;
-
+import com.mongodb.client.model.Updates;
 import io.vertx.core.Future;
 import me.vinceh121.gmcserver.GMCServer;
 import me.vinceh121.gmcserver.entities.User;
 import me.vinceh121.gmcserver.exceptions.AuthenticationException;
 import me.vinceh121.gmcserver.exceptions.EntityNotFoundException;
 import me.vinceh121.gmcserver.managers.UserManager.CreateUserAction;
+import me.vinceh121.gmcserver.managers.email.Email;
+
+import java.util.UUID;
 
 public class InternalAuthenticator extends AbstractAuthenticator {
 
@@ -33,17 +36,17 @@ public InternalAuthenticator(final GMCServer srv) {
 	}
 
 	/**
-	 * @exception EntityNotFoundException if the user what not found
-	 * @exception IllegalStateException   if the user's account is disabled
-	 * @exception AuthenticationException if the password failed to validate
+	 * @throws EntityNotFoundException if the user what not found
+	 * @throws IllegalStateException   if the user's account is disabled
+	 * @throws AuthenticationException if the password failed to validate
 	 */
 	@Override
 	public Future<User> login(final String username, final String password) {
 		return Future.future(promise -> {
 			final User user = this.srv.getDatabaseManager()
-				.getCollection(User.class)
-				.find(Filters.or(Filters.eq("username", username), Filters.eq("email", username)))
-				.first();
+					.getCollection(User.class)
+					.find(Filters.or(Filters.eq("username", username), Filters.eq("email", username)))
+					.first();
 
 			if (user == null) {
 				promise.fail(new EntityNotFoundException("User not found"));
@@ -70,11 +73,37 @@ public Future<User> login(final String username, final String password) {
 	public Future<User> register(final String username, final String email, final String password) {
 		return Future.future(promise -> {
 			final CreateUserAction action = this.srv.getUserManager()
-				.createUser()
-				.setUsername(username)
-				.setPassword(password)
-				.setEmail(email);
+					.createUser()
+					.setUsername(username)
+					.setPassword(password)
+					.setEmail(email);
 			action.execute().onSuccess(promise::complete).onFailure(promise::fail);
 		});
 	}
+
+	public Future<Void> sendPasswordResetLink(final User user) {
+		return Future.future(promise -> {
+			if (user == null) {
+				promise.fail(new EntityNotFoundException("User not found"));
+				return;
+			}
+
+			final UUID id = UUID.randomUUID();
+
+			this.srv.getDatabaseManager().getCollection(User.class)
+					.updateOne(Filters.eq(user.getId()),
+							Updates.set("passwordResetToken", id.toString())
+					);
+
+			final Email email = new Email();
+			email.setTo(user);
+			email.setTemplate("password-reset");
+			email.setSubject("Password reset");
+			email.getContext().put("token", id.toString());
+
+			this.srv.getEmailManager().sendEmail(email)
+					.onSuccess(promise::complete)
+					.onFailure(promise::fail);
+		});
+	}
 }
diff --git a/gmcserver-server/src/main/java/me/vinceh121/gmcserver/entities/User.java b/gmcserver-server/src/main/java/me/vinceh121/gmcserver/entities/User.java
@@ -17,12 +17,10 @@
  */
 package me.vinceh121.gmcserver.entities;
 
-import org.bson.codecs.pojo.annotations.BsonIgnore;
-
 import com.fasterxml.jackson.annotation.JsonIgnore;
-
 import io.vertx.core.json.JsonObject;
 import me.vinceh121.gmcserver.mfa.MFAKey;
+import org.bson.codecs.pojo.annotations.BsonIgnore;
 import xyz.bowser65.tokenize.IAccount;
 
 /**
@@ -40,6 +38,7 @@ public class User extends AbstractEntity implements IAccount {
 	private long gmcId;
 	private boolean admin, mfa, alertEmails;
 	private MFAKey mfaKey;
+	private String passwordResetToken;
 
 	public long getGmcId() {
 		return this.gmcId;
@@ -151,4 +150,11 @@ public String toString() {
 		return this.getUsername() + " (" + this.getId().toString() + ")";
 	}
 
+	public void setPasswordResetToken(String passwordResetToken) {
+		this.passwordResetToken = passwordResetToken;
+	}
+
+	public String getPasswordResetToken() {
+		return passwordResetToken;
+	}
 }
diff --git a/gmcserver-server/src/main/java/me/vinceh121/gmcserver/managers/email/EmailManager.java b/gmcserver-server/src/main/java/me/vinceh121/gmcserver/managers/email/EmailManager.java
@@ -17,12 +17,6 @@
  */
 package me.vinceh121.gmcserver.managers.email;
 
-import java.io.IOException;
-import java.nio.file.Files;
-import java.nio.file.Paths;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
 import io.vertx.core.Future;
 import io.vertx.core.Promise;
 import io.vertx.core.json.JsonObject;
@@ -34,6 +28,12 @@
 import me.vinceh121.gmcserver.GMCServer;
 import me.vinceh121.gmcserver.managers.AbstractManager;
 
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
 public class EmailManager extends AbstractManager {
 	public static final Pattern VAR_PATTERN = Pattern.compile("\\{\\{[a-zA-Z/-_]+\\}\\}");
 	private final MailClient client;