Thanks Kyle! Will try to create it. If someone knows off an existing solution please let me know.
- Martin On Tue, Nov 29, 2016 at 5:46 PM, Kyle Snavely <[email protected]> wrote: > If you have an email service setup (such that you can programatically send > emails) a password reset flow isn't too complicated. Here is a simple > overview that would get you started: > - The (unauthenticated) user hits your API/backend with a password reset > email request. > - The API generates a random token which is both emailed to the user and > stored by you. > - Having received the token, the user hits another API endpoint you offer > which accepts the token and the new password. If the token matches what you > have stored, the API/backend then changes the users password. > > That is a simple overview and some best practices are outlined here: > - https://www.owasp.org/index.php/Forgot_Password_Cheat_Sheet > > Information on updating a user's password in the _users database: > - > https://couchdb.readthedocs.io/en/latest/intro/security. > html#password-changing > > > I don't believe this can be accomplished from just a couchapp -- you will > need some sort of backend that can access your user information and send > emails (or SMS etc.). OpenWhisk is an option, especially if you plan on > using other types of triggers/actions in the future, and want to design a > ready-to-scale service. This would also be a fairly simple node or python > server behavior. > > > I'm not sure if this solution would work for you, but here's a couchdb auth > lib written in node/express that makes reference to forgot-password-email > flow, something to get started with: > - https://github.com/twilson63/express-couchUser > > On Tue, Nov 29, 2016 at 10:19 AM, Martin Broerse <[email protected] > > > wrote: > > > Is there some backend ready code that lets you mail password reset mails? > > > > - Martin > > > > On Tue, Nov 29, 2016 at 3:20 PM, Garren Smith <[email protected]> wrote: > > > > > Hi Martin, > > > > > > Sorry I'm not sure. I am not a big fan of couchapps. I would rather > have > > a > > > backend that can do that all for me. > > > > > > Cheers > > > Garren > > > > > > On Tue, Nov 29, 2016 at 12:42 PM, Martin Broerse < > > [email protected] > > > > > > > wrote: > > > > > > > Hi Garren, > > > > > > > > Do you think setting this up with openwhisk is an option? How do > others > > > > solve this? > > > > > > > > - Martin > > > > > > > > On Sat, Nov 19, 2016 at 8:39 AM, Martin Broerse < > > > [email protected]> > > > > wrote: > > > > > > > > > Hi, > > > > > > > > > > I an using e-mail addresses as usernames in the _user database. > What > > is > > > > > the best practice to create a password reset mail option on > cloudant? > > > > > > > > > > - Martin > > > > > > > > > > > > > > >
