Add email verification and password reset to dbAuth #870
Comments
Certainly possible and an important feature, but quite a lot of code. I'm marking it an enhancement for picking it up later. |
Why not use the mail() function of PHP? |
|
I've quite struggled with php mail function, ended up using phpmailer instead |
|
@nik2208 Do you have an example how the "password reset" can be implemented? |
|
@NorthFred what do u mean? there's already the password endpoint (different from register) |
|
@nik2208 I was referring to the OP's topic of resetting the password in case the user doesn't remember it (e.g. password reset link...). Did you make this work with phpmailer? |
|
actually I meant, instead of mail() as suggested by Kolial I used phpmailer. there much out there explaining how to use phpmailer. |
|
@nik2208 Right, thanks for clarifying. I misunderstood your reply. I'll do some more research on topic for password reset implementation. |
|
what kind of help do u need? |
|
@nik2208 Well, I'm using the 'dbAuth' middleware of this awesome library for login, logout, registration (signup) and password change. What I am missing is a way to let the user reset their password if they don't remember their login details - i.e. they can no longer log in. A typical approach to resolve this, is having the back-end send a "password reset" link, via which the user can access a form to reset the password. I'm more of a front-end (Angular) person than a back-end dev, so any help is greatly appreciated! |
|
@NorthFred have a look here. It's actually pretty advanced angular. |
|
This is an enhancement that I needed, but there are some considerations about using phpmailer and doubling the filesize of api.php. Password reset is not yet implemented, but could be done using the same principle, via a confirmation email. |
|
I know this is an old topic, just sharing some thoughts on this. Essentially, the PHP-CRUD-API works as it is. Now for emailing, integrating phpmailer seems to add unnecessary bloat and the library would become a REST + Email API. Anyway, my idea is for the library to have some kind of event that can trigger async actions, thus enabling suppport for event-driven architecture. |
mevdschee
changed the title
Hi,
in the dbAuth middleware, do you think it would be possible to add the email verification and password reset process?
Before a user is effectively registered, he must click on the confirmation email sent through the signup.
Similarly, when he needs to reset the password, he receives an email with the reset link to set a new password.
This would not only complete the dbAuth middleware, but would also allow to grant the registration process to specific email domains (eg, only @this.org and @that.org users can register).
The config would need the following parameters:
Unfortunately I have very little PHP knowledge to do it on my own.
I hope it's doable. Otherwise, I would really appreciate any suggestion on how to achieve this, even with a different tiny library, integrated with php-crud-api's registration and session management.
Cheers,
Fausto
The text was updated successfully, but these errors were encountered: