Johnny
Explore posts from serversWWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
Thats why I have mentioned multiple fields, so it cant be traced back - lets say the userid+usermail+password to create the hash. The same mechanism could be used for a email change token etc.
22 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
After the user changes the password and would use the same token again, the hash wouldnt match with the newly generated one - due to the already changed password -> the token would immadetly be "invalidated" once it was sucesfully used
22 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
To check if the password is the dame as it was, once the password reset token got requested
22 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
Just add a validation hash to the payload once it is being generated
22 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
Sogn it, check if it is signed by thr backend etc.
22 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
You would do everything like it is done now
22 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
Otherwise it isnt
22 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
It would be validated on sending, is the hash matches the current data, it is a valid token
22 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
Into the jwt payload
22 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
@miho My idea would be, to insert a hash value that is a combination of user/userid+his current password
22 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
For anyone having simillar problems - solved it. It seems to only work with port 587 via hetzner (465 isn't)
26 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
Password, username etc. is correct
26 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
Anyone an idea why SMTP isn't working?
26 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
And
26 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
And with "Dummy" I am only getting
26 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
I have no clue what I am doing wrong tbh. đŸ˜„
26 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
26 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
26 replies
WWasp-lang
•Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
Could it be that password reset is not set up by default?
26 replies