Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add ability to reset password for username / password authentication #5

Open
alarner opened this issue Mar 20, 2016 · 2 comments
Open

Comments

@alarner
Copy link
Owner

alarner commented Mar 20, 2016

both html form based flow and API based flow

desired reset flow:

On the login page, there should be a “Forgot your password?” link

When a user gets to the password reset page (/reset/form), we should ask for their email address.

After the user has entered their email address, send them an email with a link to the password reset page on your site. This link should contain a unique password reset token that expires after a configurable amount of time and on first use.

After submitting the password reset form, display a success page (/reset/form/success) with instructions to check their email.

After the user clicks the link in their email, they should be brought to a page on your site that prompts them to enter a new password. Validate the token before the page is displayed and show an error message if it's incorrect. (/reset/token/q398nctypq9384nypqc3498cn)

After submitting their new password, change their password in the database and mark the token as used, so it can't be re-used. Email the user letting them know that their password has been reset.

Redirect to a new page that informs them that their password has been changed and they have been logged in.

Send the user an email once their password has been changed letting them know what happened.

@dominathan
Copy link
Contributor

You just wanting basic nodemailer reset? Or something more?

@dominathan
Copy link
Contributor

I'll grab this one, need to do it on my project anyway as well.

@alarner alarner modified the milestone: v1.0 May 23, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants