Password Reset Form

If your using Enact Client Edition you can provide your own password reset page.

Before you can provide your own password reset form you will need to :

Set the configuration setting resetPasswordSlug to point the the slug where you are providing the form. In this case we will set it with a value of /pw-reset. You should always begin it with a slash indicating the slug is not contained within the admin control panel. This is done so the email that is sent to the user contains the proper slug in the link.

Create a route to handle getting and posting the form. You have to create a route because a token will be added to your custom resetPasswordSlug which acts as verification that the system generated the password reset link and establishes the user the password reset will be taking place for. So the slug emailed to the user who requested the reset will looks like /pw-reset/{some long token value}. Your route should be set up like so:

  • Type - ANY

  • Slug - /pw-reset/{token}

  • Slug Variables - token - alpha_numeric

  • Action - _pw-reset.html

Heres a basic one which could be located at enact/template/_pw-reset.html

{% extends "_layout.html" %}

{% block content %}

    <h1>Reset Your Password</h1>

    {% if enact.session.hasFlash('resetPasswordSuccess') %}
        <div class='alert-box success'>Your password has been updated! Click <a href='/login'>here to login</a>.</div>
    {% else %}

        <form method='post'>

            {{ enact.csrfTokenInput }}
            <input type='hidden' name='enactAction' value='postPasswordReset'/>

            <input type='password' name='password' required/>

            <label>Confirm Password</label>
            <input type='password' name='confirm_password' required/>

            <input type='submit' value='Set Password'/>

            {% if enact.session.hasFlash('resetPasswordError') %}
                <div class='alert-box warning'>{{ enact.session.getFlash('resetPasswordError') }}</div>
            {% endif %}


    {% endif %}

{% endblock %}

Want to do AJAX?

Include the variable ajax in the POST data and you will get a JSON response back that looks like:

  • d – (for data) Either true for success, or a string describing the error.

  • e – (for error) Will be a truthy value if the password could not be reset, with the d containing the message as to why.