example app, allow user to change password?

[kingja]

I seem to recall an example app that allowed users to change their password, via receiving email.  I can't seem to find this.  Or maybe it was in the docs?  Can someone point me in the right direction?

Thanks,

Jeff

[kingja]

Found it.  It is the secwin example app, web51.

[kingja]

Bruce,

After examining the web51 secwin example, I find this would be too much to add to my app.  I simply want to allow users to change their passwords, by receiving an email with a link in it, just like the secwin example provides.

I manually add new users and use their email address as the login.  I make up a password and send that via email, not very secure thus I want to give them the opportunity to change it.  I have a small user.tps file that contains the user info with the password stored as a hash, as you have described elsewhere in these forums.

In a similar fashion as the web51 app, I want to add a tab on my login form to take the current password and the new one, then submit this request back to the server.  An email would be sent to the user's email with a link to complete the password change.  I don't yet have an understanding of how to do this after looking at the web51 example.  Can you help get me started with this?

Thanks,

Jeff

[kevin plummer]

Jeff have you thought about adding a new field to your user table - UserMustChangePassword ?

This way you could force the user to change their temp password when they log in.

As for the email solution, the best method seems to be to create a table to store the link and process this via form (as Bruce explained to me in a recent post).

Cheers,

Kevin

[kingja]

Kevin,

     Thanks, that is a good idea.  I have been experimenting with the "browse-less form" technique described in NT FAQ #4.  I have this working and will add your idea as well.
     I would still like to learn more about doing this with email.  I'll keep working on this.

Jeff

[kevin plummer]

it doesn't need to be a "browse-less form", it could just be a memory form with some file access plumbed in.

the logic with the email works the same in that it opens a memory form and based on the unique random parameter passed it knows who it is etc for the password change.

[Bruce]

Hi Jeff,

I'm not 100% sure what you're asking.
I guess you need to break the process down into small bite-sized chunks, and then implement each piece, and then if you have a problem doing that you can ask a more specific question?

cheers
Bruce