Copilot AI commented Aug 17, 2025

This PR improves the password reset user experience by updating both the confirmation page text and email template to be more professional and security-conscious.

Changes Made

Updated Confirmation Page

  • Changed title from "Forgot Password Confirmation" to "Password Reset Request Submitted"
  • Updated messaging to use security-conscious language that doesn't reveal whether an account exists in the system
  • Improved instructions to mention checking both inbox and spam folder

Enhanced Email Template

Replaced the simple text email with a professional HTML template that includes:

  • Personalized greeting using the user's display name (with fallback to username)
  • Application branding using the configured application name (with fallback to "BEXIS2")
  • Professional styling with inline CSS for proper email rendering
  • Clear call-to-action with a styled "Reset your password" button
  • Security messaging advising users to ignore the email if they didn't request it
  • Professional signature from the support team

Security Improvements

  • Both UI and email now use consistent messaging that doesn't reveal account existence
  • Clear instructions about ignoring unwanted password reset requests
  • Maintains existing security behavior in the controller logic

Example Email Output

Dear John Doe,

We received a request to reset the password for your account.
If you made this request, please reset your password by following the secure link below:

[Reset your password button]

If you did not request a password reset, you can safely ignore this message. Your account will remain unchanged.

Best regards,
Your BEXIS2 Support Team

The implementation includes proper fallback logic for missing configuration values and maintains backward compatibility with existing functionality.

Fixes #2152.


Author

Copilot AI commented Aug 17, 2025

@geofranzi 👋 This repository doesn't have Copilot instructions. With Copilot instructions, I can understand the repository better, work faster and produce higher quality PRs.

I can generate a .github/copilot-instructions.md file for you automatically. Click here to open a pre-filled issue and assign it to me. I'll write the instructions, and then tag you for review.

@geofranzi geofranzi changed the base branch from master to rc August 17, 2025 21:12
@geofranzi geofranzi closed this Aug 17, 2025
Copilot AI changed the title [WIP] Reset Password - revise text Revise password reset confirmation text and email template Aug 17, 2025
Copilot AI requested a review from geofranzi August 17, 2025 21:22
Copilot finished work on behalf of geofranzi August 17, 2025 21:22
@geofranzi geofranzi reopened this Aug 17, 2025
@geofranzi
Member

@copilot the branch for the issues is based on master, but it needs to be the rc and the merge request needs to go to the rc as well

Author

Copilot AI commented Aug 17, 2025

> @copilot the branch for the issues is based on master, but it needs to be the rc and the merge request needs to go to the rc as well

You're absolutely right! I understand that the branch should be based on rc instead of master and the PR should target rc.

I've identified the issue: my current branch copilot/fix-2152 is based on master commit 47cadc01f6b04c14a4ca2c95507b0928dec369c1, but it needs to be based on the rc branch at commit 906a10a8f7164d1e94c3041bde47a56f52cabd9f.

However, I'm unable to directly rebase the branch or create a new remote branch targeting rc due to my environment limitations. Could you help with one of these approaches:

  1. Rebase the existing branch: Rebase copilot/fix-2152 onto the rc branch, or
  2. Update the PR target: Change the base branch of this PR from master to rc, or
  3. Create new branch: I can provide the exact changes that need to be applied to a fresh rc-based branch

The changes are minimal and only affect two files:

  • Console/BExIS.Web.Shell/Controllers/AccountController.cs (enhanced email template)
  • Console/BExIS.Web.Shell/Views/Account/ForgotPasswordConfirmation.cshtml (improved UI text)

Which approach would you prefer?

Copilot finished work on behalf of geofranzi August 17, 2025 22:05
@geofranzi
Member

@copilot use option 3

Author

Copilot AI commented Aug 17, 2025

> @copilot use option 3

I'll provide the exact changes needed for a fresh rc-based branch. Here are the two files that need to be modified:

File 1: Console/BExIS.Web.Shell/Controllers/AccountController.cs

In the ForgotPassword POST method (around line 221), replace the simple email send line:

await identityUserService.SendEmailAsync(user.Id, "Reset Password", "Please reset your password by clicking <a href=\"" + callbackUrl + "\">here</a>");

With this professional HTML email template:

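// Create professional email template
// HTML-encode the values that are interpolated into the HTML body below
var displayName = System.Net.WebUtility.HtmlEncode(!string.IsNullOrEmpty(user.DisplayName) ? user.DisplayName : user.UserName);
var applicationName = BExIS.Utils.Config.GeneralSettings.ApplicationName;
if (string.IsNullOrEmpty(applicationName)) applicationName = "BEXIS2";
applicationName = System.Net.WebUtility.HtmlEncode(applicationName);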

var emailBody = $@"
<html>
<body style='font-family: Arial, sans-serif; color: #333;'>
    <p>Dear {displayName},</p>
    
    <p>We received a request to reset the password for your account.</p>
    <p>If you made this request, please reset your password by following the secure link below:</p>
    
    <p style='margin: 20px 0;'>
        <a href='{callbackUrl}' style='background-color: #007bff; color: white; padding: 10px 20px; text-decoration: none; border-radius: 4px; display: inline-block;'>Reset your password</a>
    </p>
    
    <p>If you did not request a password reset, you can safely ignore this message. Your account will remain unchanged.</p>
    
    <p>Best regards,<br>
    Your {applicationName} Support Team</p>
</body>
</html>";

await identityUserService.SendEmailAsync(user.Id, "Reset Password", emailBody);

File 2: Console/BExIS.Web.Shell/Views/Account/ForgotPasswordConfirmation.cshtml

Update the ViewBag.Title and messaging for security-conscious language:

@{
    ViewBag.Title = "Password Reset Request Submitted";
}

@section Information
{
    If an account with your email exists, we've sent instructions to reset your password. Please check your inbox (and your spam folder).
}

<hgroup class="title">
    <h1>@ViewBag.Title.</h1>
</hgroup>
<div>
    <p>
        If an account with your email exists, we've sent instructions to reset your password. Please check your inbox (and your spam folder).
    </p>
</div>

These changes implement the professional email template and security-conscious UI messaging that doesn't reveal account existence.

Copilot finished work on behalf of geofranzi August 17, 2025 22:10
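
The behaviour this PR describes (one confirmation text whether or not the account exists, and an HTML email built from user fields), as an added C# example that is not code from the PR or from BEXIS2. The `User` record, the `ResetFlow` class, the in-memory user list, the `bexis.example` URL and the `PLACEHOLDER` code are assumptions constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Net;

// Known and unknown addresses get the identical page text; only one email is queued.
var known = ResetFlow.ForgotPassword("john@example.org");
var unknown = ResetFlow.ForgotPassword("nobody@example.org");
Console.WriteLine($"same response: {known == unknown}, emails queued: {ResetFlow.Outbox.Count}");
Console.WriteLine(ResetFlow.Outbox[0]);

// Hypothetical types for illustration; not BEXIS2 code.
record User(long Id, string UserName, string DisplayName, string Email);

static class ResetFlow
{
    // Constructed sample users standing in for the real user store.
    static readonly List<User> Users = new()
    {
        new User(1, "jdoe", "John <b>Doe</b>", "john@example.org"),
        new User(2, "asmith", "", "anna@example.org"),
    };
    public const string Confirmation =
        "If an account with your email exists, we've sent instructions to reset your password. " +
        "Please check your inbox (and your spam folder).";
    public static readonly List<string> Outbox = new();

    public static string BuildBody(User user, string applicationName, string callbackUrl)
    {
        var name = string.IsNullOrEmpty(user.DisplayName) ? user.UserName : user.DisplayName;
        if (string.IsNullOrEmpty(applicationName)) applicationName = "BEXIS2";
        // Encode every interpolated value so markup in a profile field is rendered as text.
        return $"<p>Dear {WebUtility.HtmlEncode(name)},</p>" +
               $"<p><a href='{WebUtility.HtmlEncode(callbackUrl)}'>Reset your password</a></p>" +
               $"<p>Your {WebUtility.HtmlEncode(applicationName)} Support Team</p>";
    }

    public static string ForgotPassword(string email)
    {
        var user = Users.Find(u => string.Equals(u.Email, email, StringComparison.OrdinalIgnoreCase));
        if (user != null)
        {
            // Constructed callback URL; a real one carries a single-use reset token.
            var callbackUrl = $"https://bexis.example/Account/ResetPassword?userId={user.Id}&code=PLACEHOLDER";
            Outbox.Add(BuildBody(user, "", callbackUrl));
        }
        // Both branches return the same text, so the page does not confirm whether an account exists.
        return Confirmation;
    }
}
```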