Using change password page directly gives url expired error

Sneha_Borkar · February 15, 2022, 7:27pm

Hi

I want to use change password page from “system” directly inside my authenticated page in the app
so im not going to page to enter email address and get the mail but directly to change password page to change the password of current logged in user.

so i was trying to use already exusting page in system but getting following error

mark-piller · February 15, 2022, 7:33pm

What does the logic look like?

Sneha_Borkar · February 15, 2022, 7:35pm

logic is the same already existing logic of change-password page inside “system”

mark-piller · February 15, 2022, 7:56pm

I haven’t compared it with the original implementation. Did you make any changes there?

Sneha_Borkar · February 15, 2022, 8:05pm

Hi @mark-piller

No im not sure but idont think i have made any changes there only two print statements are added.

Btw it works completely fine by the procedure shown in one of your videos of change and forgot password
wherein it goes to enter email id page first and sends a mail and from that link goes to change password page there i get success

But now im trying to use already existing change-password page inside a page after login so in this case user is already authenticated so i need not enter email id nd should directly be able to change password (as per my required functionality)

so i redirected directly to change-password page (already existing one from system) but it gives url issue as mentioned

mark-piller · February 15, 2022, 8:55pm

The page I demonstrated is used when the user clicks a link received in the email. That link contains a token that identifies the password change session. It sounds like you’re trying to use the same page, but in a different flow. If the token is not there, then of course the same page will not work.

Sneha_Borkar · February 16, 2022, 5:01am

Hi @mark-piller

ohh… after login we receive an token of an user cant i pass that token?

basically i want to recreate change password but without sending mail

Andriy_Konoz · February 16, 2022, 9:38am

Hi @Sneha_Borkar,

Unfortunately it is impossible to change user password without sending email with “password change” link. I have created discussion for our team with internal number BKNDLSS-27806 to add support for this feature. We will reach you out when decision about this feature will be made.

Regards, Andriy

mark-piller · February 16, 2022, 1:03pm

Please watch this video, it describes how password can be changed for a user:

Sneha_Borkar · February 17, 2022, 8:18am

Thanks @mark-piller

This is exactly what I wanted!!!

But why don’t we receive user-token in the result returned in this change password block?

olhadanylova · February 17, 2022, 8:40am

Hello @Sneha_Borkar,

For security improvement password changing and user authorisation are separated in two different operations.

Regards,
Olha