1 files changed, 44 insertions, 39 deletions

diff --git a/internal/server/template.go b/internal/server/template.go
index 175643edf..03accd479 100644
--- a/internal/server/template.go
+++ b/internal/server/template.go
@@ -251,23 +251,25 @@ func writeHealthCheckEnv(disabled bool, scheme, host, path string, port uint16)
 // NewTemplatedFileOptions returns a new *TemplatedFileOptions.
 func NewTemplatedFileOptions(config *schema.Configuration) (opts *TemplatedFileOptions) {
 	opts = &TemplatedFileOptions{
-		AssetPath:              config.Server.AssetPath,
-		DuoSelfEnrollment:      strFalse,
-		PasskeyLogin:           strconv.FormatBool(config.WebAuthn.EnablePasskeyLogin),
-		RememberMe:             strconv.FormatBool(!config.Session.DisableRememberMe),
-		ResetPassword:          strconv.FormatBool(!config.AuthenticationBackend.PasswordReset.Disable),
-		ResetPasswordCustomURL: config.AuthenticationBackend.PasswordReset.CustomURL.String(),
-		PrivacyPolicyURL:       "",
-		PrivacyPolicyAccept:    strFalse,
-		Theme:                  config.Theme,
-
-		EndpointsPasswordReset: !(config.AuthenticationBackend.PasswordReset.Disable || config.AuthenticationBackend.PasswordReset.CustomURL.String() != ""),
-		EndpointsWebAuthn:      !config.WebAuthn.Disable,
-		EndpointsPasskeys:      !config.WebAuthn.Disable && config.WebAuthn.EnablePasskeyLogin,
-		EndpointsTOTP:          !config.TOTP.Disable,
-		EndpointsDuo:           !config.DuoAPI.Disable,
-		EndpointsOpenIDConnect: !(config.IdentityProviders.OIDC == nil),
-		EndpointsAuthz:         config.Server.Endpoints.Authz,
+		AssetPath:               config.Server.AssetPath,
+		DuoSelfEnrollment:       strFalse,
+		PasskeyLogin:            strconv.FormatBool(config.WebAuthn.EnablePasskeyLogin),
+		RememberMe:              strconv.FormatBool(!config.Session.DisableRememberMe),
+		ResetPassword:           strconv.FormatBool(!config.AuthenticationBackend.PasswordReset.Disable),
+		ResetPasswordCustomURL:  config.AuthenticationBackend.PasswordReset.CustomURL.String(),
+		PasswordChange:          strconv.FormatBool(!config.AuthenticationBackend.PasswordChange.Disable),
+		PrivacyPolicyURL:        "",
+		PrivacyPolicyAccept:     strFalse,
+		Session:                 "",
+		Theme:                   config.Theme,
+		EndpointsPasswordReset:  !(config.AuthenticationBackend.PasswordReset.Disable || config.AuthenticationBackend.PasswordReset.CustomURL.String() != ""),
+		EndpointsPasswordChange: !config.AuthenticationBackend.PasswordChange.Disable,
+		EndpointsWebAuthn:       !config.WebAuthn.Disable,
+		EndpointsPasskeys:       !config.WebAuthn.Disable && config.WebAuthn.EnablePasskeyLogin,
+		EndpointsTOTP:           !config.TOTP.Disable,
+		EndpointsDuo:            !config.DuoAPI.Disable,
+		EndpointsOpenIDConnect:  !(config.IdentityProviders.OIDC == nil),
+		EndpointsAuthz:          config.Server.Endpoints.Authz,
 	}
 
 	if config.PrivacyPolicy.Enabled {
@@ -290,17 +292,19 @@ type TemplatedFileOptions struct {
 	RememberMe             string
 	ResetPassword          string
 	ResetPasswordCustomURL string
+	PasswordChange         string
 	PrivacyPolicyURL       string
 	PrivacyPolicyAccept    string
 	Session                string
 	Theme                  string
 
-	EndpointsPasswordReset bool
-	EndpointsWebAuthn      bool
-	EndpointsPasskeys      bool
-	EndpointsTOTP          bool
-	EndpointsDuo           bool
-	EndpointsOpenIDConnect bool
+	EndpointsPasswordReset  bool
+	EndpointsPasswordChange bool
+	EndpointsWebAuthn       bool
+	EndpointsPasskeys       bool
+	EndpointsTOTP           bool
+	EndpointsDuo            bool
+	EndpointsOpenIDConnect  bool
 
 	EndpointsAuthz map[string]schema.ServerEndpointsAuthz
 }
@@ -352,13 +356,13 @@ func (options *TemplatedFileOptions) commonDataWithRememberMe(base, baseURL, dom
 // OpenAPIData returns a TemplatedFileOpenAPIData with the dynamic options.
 func (options *TemplatedFileOptions) OpenAPIData(base, baseURL, domain, nonce string) TemplatedFileOpenAPIData {
 	return TemplatedFileOpenAPIData{
-		Base:     base,
-		BaseURL:  baseURL,
-		Domain:   domain,
-		CSPNonce: nonce,
-
+		Base:           base,
+		BaseURL:        baseURL,
+		Domain:         domain,
+		CSPNonce:       nonce,
 		Session:        options.Session,
 		PasswordReset:  options.EndpointsPasswordReset,
+		PasswordChange: options.EndpointsPasswordChange,
 		WebAuthn:       options.EndpointsWebAuthn,
 		Passkeys:       options.EndpointsPasskeys,
 		TOTP:           options.EndpointsTOTP,
@@ -388,17 +392,18 @@ type TemplatedFileCommonData struct {
 
 // TemplatedFileOpenAPIData is a struct which is used for the OpenAPI spec file.
 type TemplatedFileOpenAPIData struct {
-	Base          string
-	BaseURL       string
-	Domain        string
-	CSPNonce      string
-	Session       string
-	PasswordReset bool
-	WebAuthn      bool
-	Passkeys      bool
-	TOTP          bool
-	Duo           bool
-	OpenIDConnect bool
+	Base           string
+	BaseURL        string
+	Domain         string
+	CSPNonce       string
+	Session        string
+	PasswordReset  bool
+	PasswordChange bool
+	WebAuthn       bool
+	Passkeys       bool
+	TOTP           bool
+	Duo            bool
+	OpenIDConnect  bool
 
 	EndpointsAuthz map[string]schema.ServerEndpointsAuthz
 }