Hey guys Is there a way to validate the reset password token

Question

Hey guys Is there a way to validate the reset password token auth user password reset without actually resetting the password We d like to display a reset password form only if the token is valid

rp · Answer

hey < ulys> this is interesting

rp · Answer

so you could override the createPasswordResetToken recipe function on the backend to call the original implementation first which would return a token Then you save the token in your db before returning it from the function

rp · Answer

Then you can make an API on your backend which takes in a password reset token and checks if it exists in your db If it does it s valid

rp · Answer

Finally you want to remove that password reset token from your db after a certain amount of time or if it s successfully consumed

ulys · Answer

I see Thanks for the tip