Hey guys ! Is there a way to validate the reset-p...
# support-questions-legacy
u
Hey guys ! Is there a way to validate the reset-password token (/auth/user/password/reset) without actually resetting the password We'd like to display a reset password form only if the token is valid
r
hey @ulys3556 this is interesting..
so you could override the createPasswordResetToken recipe function on the backend to call the original implementation first, which would return a token. Then you save the token in your db before returning it from the function
Then you can make an API on your backend which takes in a password reset token and checks if it exists in your db. If it does, it's valid.
Finally, you want to remove that password reset token from your db after a certain amount of time, or if it's successfully consumed
u
I see ! Thanks for the tip 🙂
2 Views