Password Reset¶
Description¶
Backendless supports two types of password reset:
- Reset to a system (backend) generated password.
- Reset to a password assigned by the user.
With the first option, an email is sent to the user with a regenerated system-assigned password. With the second option, an email is sent with a link to a webpage which contains a form where the user can enter the new password.
You can choose the type of reset using Backendless Console - click the Messaging icon in the vertical icon bar on the left and then select the EMAILS tab. You will see several available templates, however the ones responsible for password reset are called User requests password recovery or User requests password recovery by link. Only one of these options can be active at a time. To make an option active, make sure the Do not send email for the event checkbox is not selected. If you make a change, make sure to click the SAVE button at the bottom of the screen.
For example, the following screenshot shows a configuration where the system will send out a link so the user can assign their own password. Notice the red color for the User requests password recovery option - this indicated that the option is disabled for the app:
In both cases (system-assigned or user-assigned passwords), the password reset sequence must initiated through the API documented below.
For the "User requests password recovery by link" option Backendless provides a default HTML form the link in the email points to. The HTML page is located in the File storage of the application, however, to edit the file and optionally change its logic, you must use the Backendless UI Builder. To do this, navigate to the FRONTEND section of Backendless Console and select the system UI Container:
Select the change-password
page:
If you make any changes to the confirmation pages, make sure to re-publish the system
UI Container by clicking the Publish UI Container icon:
It is important that the UI Container is published to the system
directory located under the web
directory:
Method¶
Non-Blocking API
Backendless.UserService.RestorePassword( String identity, AsyncCallback<Object> callback )
// You can also use the following async method:
Backendless.UserService.RestorePasswordAsync( String identity );
Blocking API
Backendless.UserService.RestorePassword( String identity );
where:
Argument | Description |
---|---|
identity |
A value for the property marked as identity which uniquely identifies the user within the application. String value. |
callback |
An object which is notified when the server completes the logout operation or returns an error. |
Return Value¶
None.
Example¶
The example below resets the password for identity "alice@yourmail.com"
.
Non-Blocking API
// do not forget to call Backendless.InitApp in the app initialization code
AsyncCallback<Object> pwRecoveryCallback = new AsyncCallback<Object>(
user =>
{
System.Console.WriteLine( "Password recovery email has been sent" );
},
fault =>
{
System.Console.WriteLine( fault.ToString() );
} );
string userEmail = "wizard@oz.org";
Backendless.UserService.RestorePassword( userEmail, pwRecoveryCallback );
// You can also use the following async method:
String userEmail = "alice@yourmail.com";
await Backendless.UserService.RestorePasswordAsync(userEmail);
Blocking API
String userEmail = "alice@yourmail.com";
Backendless.UserService.RestorePassword(userEmail);
Errors¶
The following errors may occur during the Password Recovery API call. See the Error Handling section for details on how to retrieve the error code when the server returns an error.
Error Code |
Description |
---|---|
2002 |
Version is disabled or provided wrong application info (application id or secret key) |
3020 |
Unable to find user with the specified login (invalid user identity). |
3025 |
General password recovery error. Additional details should be available in the "message" property of the response. |
3038 |
One of the requirement arguments (application id, version or user identity) is missing. |
Codeless Reference¶
where:
Argument | Description |
---|---|
user identity |
Built-in user property used for the Login, Restore Password and other operations. By default the user identity is anemail but can be changed to any other identifier in theUsers data table. |
This operation does not return a value. If the API request completes successfully, it means a password recovery email has been sent to the user. Otherwise, an error will be returned.
Consider the following record in the Users
data table:
The example below sends an email with password recovery instructions to the user identity"alice@yourmail.com"
.