Hello.
I want to implement a password recovery functionality similar to Backendless in my app. In other words, I want to pass an Id in the url.
How to do this? Is Id=objectId what is registered in the Users table? Should I create a template for this?
Thanks.
Fernando Oliveira
Hi @Fernando_Oliveira ,
It may be not secure enough to simply pass id in the url to restore password since if other users know user ID they can, theoretically, mess around with password restoration logic.
It is better to generate one-time code which then will be used by password restoration logic. Logic which will generate such code should check user session. Also this logic should be placed on the server side in CloudCode.
Regards, Andriy
1 Like