Running Changes on Passwordreset via email through the restwebservice.

Owned by harisu fanyui
Jan 17, 2019
3 min read



In order to run the changes inplimented in the project reset password via email project, You first of all need to get your system configured to be able to send email. So to do this you can use the Globalproperties page of the setting section in the admin panel if you are running legacy ui, You should set the following parameters. 

 

since smtp_auth is true it means you need to provide and email address and a password from which the mails by the system will be sent. 

When all these are set. you need to update your database user table with an email. This is because in the course of the work a new field was added to the user table with name email. Though there is not yet a UI provided for when creating a user(ie part of the work left) this is going to act as the user email when a password reset request is triggered.

You could add an email using pure sql or phpMyAdmin the case of mysql is as follows 

When this is done. you after compiling and installing the webservice module should visit test section of the module.

complete the inputs as in the image below

fanyuiharisu@gmail.com is the email of the user who wants to reset his or her password, you could as well just put the username of the user (in this case harisu) and submit. the form. after submission you should get no response just a success as explained in here http://fanyui.blogspot.com/2018/08/week-twelve.html 

notice the success. That should have done the work now check the email for the reset token

This is a sample email that was sent. Not the url is also configurable in the settings page 


You can then since we are using the webservice we will extract the token(X8GdOyiK8NXp1j3U9zl4 )  from the link sent to the  user  and put it back in the form as below. by default this link will point to the reference application or the form for resetting password where we can listen for the path variable and if present we display a reset form for new password. 

notice the token and the body content of the request with the new password we want to set for this user.  after the send button is clicked we should get a success if the password has been reset as follows

 

The user with username harisu can now login with his new password Sup3rS3cr3tPassw0rd sucessfully.


Note. The url for the host is also configurable as well as the valid time for the token sent in the mail so you could change those depending on your implimentation and how you ui is implimented.

but for the legacy ui i think its best if the changepassword form is implimented to look for the presence of the path variable and if it present it should just directly render the new password form else it should render the default form that it has.