Hello everyone,
I'm working on an mobile app that I've deploy on my own mobile on IOS. I 'm trying to send an email to the person that needs to reset his password because he forgot it. I can send the email but the link in this email isn't the one I want. When I click on the link it just redirect to the homepage instead of the ResetPasssword page. I use the following URL in the RedirectToURL element:
"https://personal-xxx.outsystemscloud.com/NameofTheApp/ResetPassword?UserId="+UserId
When I clicked on this link, it just redirects me to a link of my app on the browser, in the Homepage and not the one that I want. I've tried to put the ResetPassword page anonymous or not and nothing work.
Moreover, in the URL: "UserId=0", is it normal ? because the user who clicked on the link has UserId = 10.
Moreover (again), I wanted to know if someone know, when I click on the link in the email, it only redirects to my browser and not to the current app that I have on my phone. Which I think I can understand (maybe) because I use "RedirectToURL". But I don't know how to do it in an other way.
Thank you for your help,
Marianig :))
Hi Marianig Le Roux,
The screen you want to open its should be for anonymous also. If you don't that It will redirect to the home screen. I will suggest you to send I'd of user should be encrypted so that normal user won't understand and won't try to modify it. If it doesnt work please try to attach screenshots of it.
Hope this helps
Thanks
Prince
Hi Prince,
I have already put my screen anonymous but it doesn't do anything....
Thank you for your reply :)
Then you should try with deep linking
https://www.outsystems.com/forge/component-overview/6993/deep-link
It you ll be having application into your mobile,.it will open the app directly. If not then only it will open in browser
Hello, for this to work correctly, the page must have the anonymous checkbox checked. You need to have an aggregate that receives the user's ID; I suggest creating a site property with your fixed URL, and when creating the link, it should be something like this: `Site.URLDomain + "ChangePassword?UserID=" + UserID`.
Remember that for better security, it would be advisable to have a secondary table that contains the user's ID, a token, expiration time, and whether it is active. When requesting the password reset in your logic, create a token and insert the data into this secondary entity. In the link generation, use the token instead of the user ID to avoid exposure.
As in the example, the link would be `Site.URLDomain + "ChangePassword?Token=" + GetuserExtById.List.Current.UserExt.token`.
When the user accesses the link, inside the screen, you will have a query of the user entity in your application joined with this secondary entity of the token, receiving the token received on the screen as a parameter.
This way, you can create validations for the token's time and whether it is active, etc.
Upon completing the password process, update the secondary entity, setting the token as valid to false. Thus, if someone accesses the link again, they won't be able to update the password by requesting a new link.