Developer forum

Forum » Development » Trigger password token

Trigger password token

E-mail notifications
Nuno Aguiar
Reply
Posted on 10/12/2015 18:44:13

Hi,

 

I need to set a link for a user to land on the password reset page, avoiding the user to have to click "Reset password", fill in their email address, and receive an additional email with the final link for it.

 

How can I do that?

 

Best Regards,

Nuno Aguiar


Replies

 
Nicolai Høeg Pedersen
Posted on 11/12/2015 12:56:56
Reply
This post has been marked as an answer

The are 2 ways

Simple way is to make a post to the page with a login form using these parameters: Forgotpassword=True&Username=some@email.com (this is a problem if you need to link from an email because you cannot post - so you would need a intermediate page where you post the information after the user clicked the link)

Second way is to add a recovery token and a time limit for the token on the user:

Dim time As DateTime = DateTime.UtcNow.AddHours(24)
Dim token As String = Dynamicweb.SystemTools.GuidGenerator.GetGuid()
user.PasswordRecoveryToken = token
user.PasswordRecoveryTokenExpirationTime = time
user.Save()

Instead of using a GUID for the token, you could hash the user email address (you can do that automatically during import or something and set the expiration time to year 2100):

user.PasswordRecoveryToken = Dynamicweb.Base.MD5HashToString(user.Email)

Then on a page where you have added the extranet module, set it up for login and configure the module. Then call the page url and add &RecoveryToken={usertoken} that was created above.

Now the password recovery process will be executed as setup on the module.

BR Nicolai

Votes for this answer: 1
 
Nuno Aguiar
Posted on 11/12/2015 17:02:59
Reply

Hi Nicolai,

 

It works, thanks

 

You must be logged in to post in the forum