Password Reminder
Sometimes users forget the password for applications. Hence, applications need to provide the password reminder utility to their users. Hypi facilitates password reminder functionality to its client.
Client applications can reset Account’s password using Hypi. Hypi has an in-built PasswordReminder data type. Create a PasswordReminder object and a verification code will be sent to the user’s email id. In turn, Hypi will accept the new password and the verification code in the form of JSON through an endpoint. And the account password will get reset.
Let’s look at the PasswordReminder structure.
type PasswordReminder {
valid: Boolean
code: String
to: Email!
from: String
subject: String
htmlMessage: String
plainTextMessage: String
}
| Parameter | Description | Example |
|---|---|---|
| valid | The valid field is ‘true’ when the object is created. It becomes ‘false’ after the password reset. | True |
| code | The verification ‘code’ is included in the email sent. Generated by the server. No need to provide the value | 01F21B593SD5VK JQYWS8N38H1F |
| to | The email account of the user | Email data type |
| from | The email from which the email will be sent to the user. You MUST have a Hypi email app configured to send email from this address. (Optional field) | Valid email id |
| subject | The subject of the email, this is a velocity template - Hypi provides a default such as "Please verify your email to" | “Change Password” |
| htmlMessage | The HTML contents of the email. This is a Velocity template that will be rendered before being sent. | - |
| plainTextMessage | A plain text version of the email | - |
Example
Create a passwordReminder object with required values such as email id, subject, etc. Other fields are optional. A valid passwordReminder object will get created and the verification code gets generated. The generated code in the code field can be referenced using $!{parent.code} in the htmlMessage or plainTextMessage fields.
- GraphQL Query
- Input Data
- Response
mutation Upsert($values: HypiUpsertInputUnion!) {
upsert(values: $values) {
id
}
}
{
"values": {
"PasswordReminder": [
{
"to" : {
"value": "[email protected]",
"type": "work"
},
"subject": "Change Password",
}
]
}
}
{
"data": {
"upsert": [
{
"id": "01F276EH3XM47XWG97HP4XS02H"
}
]
}
}
Verify the PasswordReminder object details and check the email in the ‘to’ field for the verification code.
Hi,
Your password reset code is 01F21B593SD5VKJQYWS8N38H1F.
In the HTML / Plain message, you should also provide a link to a URL where the user can enter their new password.
Include the code in this URL e.g.
https://my-app.com/reset-password?code=$!\{parent.code}.
When the user gets to this page, you will have the password reset code in the URL query string. Get this code from the URL and when the user enters the new password, make a POST request to the Hypi API as follows.
POST <hypi-domain>/email/reset/\<domain\>
Here <domain> is app instance domain and hypi domain is https://api.hypi.app.
E.g. https://api.hypi.app/email/reset/scalability.apps.hypi.app
scalability.apps.hypi.app is the instance domain on Hypi.
In the body of the request send a JSON like this:
{
"code": "\<the-code-from-the-URL>",
"password": "\<the-user's-new-password>"
}
Send curl Query to reset password:
curl --data-raw '{"code":"01F21B593SD5VKJQYWS8N38H1F","password":"cool"}' --header “content-type:application/json” https://api.hypi.app/email/reset/scalability.apps.hypi.app
Hypi will change the user's password and return HTTP status 200.
The passwordReminder object becomes invalid with this.
{
"data": {
"find": {
"edges": [
{
"node": {
"code": "01F21B593SD5VKJQYWS8N38H1F",
"valid": false,
"htmlMessage": " Hi ,<br />\n Your password reset code is .\n "
},
"cursor": "01F21B59239BT23Z6MA7QQ43FH"
}
]
}
}
}