ember.js - Sails/Waterlock password reset flow -


g'day all,

does have experience waterlock flow passsword resets? i've hit wall can see work-around for, seems in-elegant, i'm missing something.

when send through auth/reset post email element, system proceeds shoot email out planned.

when submit received link in post request, password element, see "404" response.

however

if submit link request first, , submit post works.

when waterlock-local-auth source, reset post action testing presence of decrypted token in request object before allowing proceed.

so

either code front end send request (which doesn't respond properly) , resubmit post, or go in , hack waterlock-local-auth code include decode of token (which i'm thinking elegant solution).

any clues?

thanks,

andy

i have got similar problem, use angularjs frontend. discussion thread helpful:

https://github.com/waterlock/waterlock-local-auth/issues/7

basically, expected submit request url received in password reset email. after click link token, find in database new resettoken record has been created , value in token column 1 see in url. should redirected forwardurl in waterlock.js setting, there should form or can make post to:

http://yourdomain.com/auth/reset?password=newpassword

then password reset , resettoken record removed database.

if @ handlepost function here:

https://github.com/waterlock/waterlock-local-auth/blob/master/lib/controllers/actions/reset.js#l68

this can explain why posting url sent in reset password email returns 404. resettoken must exist in session in order issuepasswordreset invoked. , place set req.session.resettoken within validatetoken method:

https://github.com/waterlock/waterlock-local-auth/blob/master/lib/controllers/actions/reset.js#l188

so need request first. hope helps.


Comments

Post a Comment

Popular posts from this blog

javascript - jQuery: Add class depending on URL in the best way -

i have html progress meter: <div class="col-md-3" style="margin-left: -20px;"> <div class="progress-pos active" id="progess-1"> <div class="progress-pos-inner"> login </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-2"> <div class="progress-pos-inner"> scan items </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-3"> <div class="progress-pos-inner"> confirm address </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-4"> <div class="progress-pos-in...
Read more

caching - How to check if a url path exists in the service worker cache -

i need check if particular url path exists in service worker cache. example, suppose url is: /myserviceworker/service?a=110&b=70 this url exists in cache, there many of them different values of , b. now, suppose want refresh of these urls, how can that? i want know how access key values service worker cache. if know key, plan follows: var url = new url(key); if(url.pathname === "\/myserviceworker/service") refetch key but not sure how cache key , in format is. mean, string or url? cache api has match() method returns promise resolving in response object if match or undefined if no match exists. second parameter object can specify ignoresearch not take account url parameters. the ignoresearch option supported firefox ( chrome status here ). in other hand, retrieve cache entries, can use keys() method.
Read more

Redirect to a HTTPS version using .htaccess -

i need modify .htaccess file redirect urls https version without "www". http://example.com --> https://example.com http://www.example.com --> https://example.com https://www.example.com --> https://example.com this how .htaccess file looks like: rewriteengine on rewritecond %{request_filename} !-d rewritecond %{request_filename} !-f rewriterule ^(.*)$ redirect.php?id=$1&page=$2 [qsa,l] what modifications need make .htaccess in order forward https without "www"? it depends on doing current code. looks file called redirect trying display php page seo friendly url. think might confusing people. anyway, need , force https without www, need 1 more rule above. also second rule needs two capture groups in rewriterule test string because wanting 2 different values using $1 , $2 references. rewriteengine on #rediect www non www and/or http https --- combinations. rewritecond %{http_host} !^example\.com [nc,or] rewritecond %{https} !^...
Read more