Hello,

This is something I implement in most projects, but unfortunately I can't share an example at the moment.

I'l try to describe how it works, though:

1) Create an entity (e.g. UserPasswordRecovery) with attributes:

• UserId - User identifier
• Token - text (64)
• TokenExpiry - datetime

2) Create a new screen that receives a Token as an input parameter (in this example I'll call it ResetPassword and assume it is in an eSpace called ResetPasswordApp, so its URL would be https://yourserver/ResetPasswordApp/ResetPassword.aspx).

In the preparation of this screen query, the UserPasswordRecovery entity for the Token. If the query returns a record and the TokenExpiry wasn't reached you should show the inputs to reset the user password. If not results are returned, or the TokenExpiry has been reached, show an error message.

When the user resets the password successully, delete the UserPasswordRecovery records for that user.


3) Create a new screen to start the password recovery process (usually asking for the user's email).

When the user starts the recovery process create a new record in the UserPasswordRecovery table. Fill in the Token attribute using the system function GeneratePassword() to generate a random string of 64 characters. Fill in the TokenExpiry attribute with the date and time your recovery link will expire (usually it goes from a couple of hours to 48 hours, depending on your level of security concern).

After creating the record, send the user an email with a link to the screen you created on 2), passing the Token you just generated as an input to that screen (e.g. https://yourserver/ResetPasswordApp/ResetPassword.aspx?Token=wvebde12ncrmeovneribv344irninefvn)

4) Add a "Forgot your password?" link from your login screen to the screen you created on 2)

Hope this helps!

How do I get the Token as the input parameter?

I have created a forget password link as described above however, when the user clicks on the link, I don't get the token as an input parameter token= "", what am I missing?

Colette, have you actually passed the token as a parameter?

Kilian honest answer,  I'm not sure...

I have Token as an Input Parameter in the Email, this works as it is being used to populate the link in the email.
I then have Token as an Input Parameter in the UserPasswordReset Screen, but when the UserPasswordReset is debugged Token Input Parameter = ""

I am sure I am missing something, but can't figure it out...

It's difficult to say what's wrong without more details. There could be a typo on the parameter name from the e-mail link, for example.

Hi Kilian,

The email looks correct, but I think there was a problem with the actual URL, I am editing this to see if it solves the problem.

Thanks
Colette





Colette

Kilian, thanks for pointing me in the right direction - it was the URL that was the problem.

Hi Colette,

Glad I could be of some help :).

Hi Satyabrata,

I think it's rather rude and lazy to ask for a reusable sample. Please refrain from such inquieries.