MySQL
Alexander, 2018-08-23 23:02:26

How to properly implement account verification and password recovery?

You need to confirm your account by email and reset your password. In both cases, you need to generate a link, send it to the user's mail, and when the user clicks on the link, determine who it is. There is an idea to add a JWT to the link and then extract the necessary data from it. Is this the right way to do it or should it be done differently?


1 answer(s)
ThunderCat, 2018-08-23
@smoyke

Just a hash from a valid name plus a microtime, write the hash to the database and send a link with this hash as a GET parameter. We check that Vasya came with the right hash, let Vasya change the password / email.
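
Added example, not part of the answer above or of the original page: the store-a-value-and-look-it-up flow from the answer, sketched in Python. It swaps the hash of name plus microtime for a random token from `secrets` (a timestamp-derived value can be guessed), stores only the token's SHA-256 digest, and adds expiry and single use. SQLite stands in for MySQL here, and the table, column and function names are assumptions.

```python
import hashlib
import secrets
import sqlite3
import time

TTL_SECONDS = 3600  # assumed link lifetime

def open_db():
    """In-memory SQLite stands in for the MySQL table (assumed schema)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE email_tokens ("
        " token_hash TEXT PRIMARY KEY, user_id INTEGER NOT NULL,"
        " purpose TEXT NOT NULL, expires_at REAL NOT NULL)"
    )
    return db

def _digest(token):
    return hashlib.sha256(token.encode("utf-8")).hexdigest()

def issue_token(db, user_id, purpose, now=None):
    """Create a one-time token; only its SHA-256 digest is stored."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
    # A new request invalidates older links of the same kind for this user.
    db.execute("DELETE FROM email_tokens WHERE user_id = ? AND purpose = ?",
               (user_id, purpose))
    db.execute("INSERT INTO email_tokens VALUES (?, ?, ?, ?)",
               (_digest(token), user_id, purpose, now + TTL_SECONDS))
    db.commit()
    return token  # goes into the emailed link as the GET parameter

def redeem_token(db, token, purpose, now=None):
    """Return the user_id for a valid token and consume it, else None."""
    now = time.time() if now is None else now
    digest = _digest(token)
    row = db.execute(
        "SELECT user_id, expires_at FROM email_tokens"
        " WHERE token_hash = ? AND purpose = ?", (digest, purpose)).fetchone()
    if row is None:
        return None
    # Delete first: only the request that removes the row may proceed.
    cur = db.execute("DELETE FROM email_tokens WHERE token_hash = ?", (digest,))
    db.commit()
    if cur.rowcount != 1 or now > row[1]:
        return None
    return row[0]
```

Separate `purpose` values ("verify", "reset") keep an account-verification link from being accepted by the password-reset handler.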
