Progress will discontinue Telerik Platform on May 10th, 2018. Learn more

Recovering User Accounts

Recovering User Accounts

No password protected system is complete without the ability to recover user accounts in case of forgotten passwords. Telerik Platform provides various ways to do that:

These methods are designed to allow the user to reset only their own password, but prevent them from interfering with someone else's.

Using Email or Username

If a user forgets their password but has entered a valid email address when registering with Telerik Platform, your application can send password reset instructions to that email address. This works as follows:

  1. The user requests a password reset by typing their username or email address in your app.
  2. Your app sends a password reset request to Telerik Platform, using the data entered by the user.
  3. Telerik Platform finds the user account that matches the entered data and sends a password reset message to its email address.
  4. The password reset email gives the user a means of resetting their password.

Keep the following in mind:

  • The password reset email expires after 2 hours
  • Only the last email sent for a given user account is valid

This is how you request a password reset by providing a username:

var obj = {
    Username: "john"
};

el.users.resetPassword(obj,
    function (data) {
        alert(JSON.stringify(data));
    },
    function(error){
        alert(JSON.stringify(error));
});

This is how you request a password reset by providing an email address:

var obj = {
    Email: "jsmith@example.com"
};

el.users.resetPassword(obj,
    function (data) {
        alert(JSON.stringify(data));
    },
    function(error){
        alert(JSON.stringify(error));
});

Customizing the ResetPasswordEmail Template

By default, the password reset message that users receive links to a generic page on https://platform.telerik.com/ that presents the user with a form to enter a new password. You can easily edit the email template to change its appearance or completely alter the recovery mechanism.

To edit the reset password template:

  1. Log in to the Telerik Platform portal.
  2. Click your app.
  3. Navigate to Users > Automated Emails.
  4. Select the ResetPasswordEmail table entry and then click Edit in the right-hand pane.
  5. Make your changes. When finished, click Save.

You can access the password reset code for a user in the template by adding the {{User.PasswordResetCode}} placeholder.

Using a Secret Question and Answer Pair

Another way to recover a user account is to provide the secret question and secret answer saved with it when registering the user as explained in Registering Users.

var obj = {
    "Username": "jsmith",
    "SecretQuestionId": 1,
    "SecretAnswer": "dog",
    "NewPassword": "n3wp@sw0rd"
};

el.users.setPassword(obj,
    function (data) {
        alert(JSON.stringify(data));
    },
    function(error){
        alert(JSON.stringify(error));
});

Implementing a Custom Password Reset Mechanism

In case you don't want to use the built-in reset password mechanism, you can create your own mechanism using the reset code from the reset password email. You also need to acquire the new password string from the user.

Keep the following in mind:

  • The password reset code expires after 2 hours
  • Only the last issued password reset code for a given user account is valid
  • The PasswordResetCode is available only in the email template code

This is how you can implement a custom password reset mechanism:

  1. Create your own password reset web page.
  2. Customize the ResetPasswordEmail template, replacing the default URL with the URL to the web page that you created. It is important to include the {{User.PasswordResetCode}} placeholder as a URL parameter.
    Example: http://example.com/resetpassword?resetCode={{User.PasswordResetCode}}.
  3. On your web page, ask the user to enter their new password.
  4. Send the reset code and the new password to Telerik Platform using the following call:
var obj = {
    "ResetCode": resetcode,
    "NewPassword": password
};

el.users.setPassword(obj,
    function (data) {
        alert(JSON.stringify(data));
    },
    function(error){
        alert(JSON.stringify(error));
});


See Also

Start a free trial Request a demo
Contact us: +1-888-365-2779
sales@telerik.com
Copyright © 2016-2017, Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved.