ashok
Custom controller for reset password using Pow
I have used Pow for user authentication and successfully created login & logout feature using custom controller (Custom controllers — Pow v1.0.39 ) Now I want to create Forgot Password feature. Pow provides reset password extension “PowResetPassword”. I have install Pow extension by reading the documentation (PowResetPassword — Pow v1.0.39)
I have created a new controller for reset password “WEB_PATH/controllers/reset_password/reset_password_controller.ex”
The controller code is shown below.
def new(conn, _params) do
changeset = Pow.Plug.change_user(conn)
render(conn, "new.html", changeset: changeset)
end
def create(conn, %{“user” => user_params}) do
conn
|> PowResetPassword.Plug.create_reset_token(user_params)
|> case do
{:ok, conn} ->
conn
|> put_flash(:info, 'Check your email to reset password')
|> redirect(to: Routes.reset_password_path(conn, :new))
{:error, conn} ->
conn
|> put_flash(:info, "Error resetting")
|> redirect(to: Routes.reset_password_path(conn, :new))
end
end
def update(conn, %{“user” => user_params}) do
PowResetPassword.Plug.update_user_password(conn, user_params)
# {:ok, conn} = Pow.Plug.clear_authenticated_user(conn)
redirect(conn, to: Routes.login_path(conn, :new))
end
My reset password view is:
<%= form_for @changeset, Routes.reset_password_path(@conn, :create), [class: “form-wrap login-form w-100”], fn f → %>
Reset password
<% end %>
My routes are
signup_path GET / MyAppWeb.RegistrationController :new
signup_path POST / MyAppWeb.RegistrationController :create
login_path GET /login MyAppWeb.SessionController :new
login_path POST /login MyAppWeb.SessionController :create
reset_password_path GET /reset-password/new MyAppWeb.ResetPasswordController :new
reset_password_path POST /reset-password MyAppWeb.ResetPasswordController :create
reset_password_path PATCH /reset-password/:id MyAppWeb.ResetPasswordController :update
PUT /reset-password/:id MyAppWeb.ResetPasswordController :update
reset_password_path GET /reset-password/:id MyAppWeb.ResetPasswordController :edit
logout_path DELETE /logout MyAppWeb.SessionController :delete
game_path GET /game MyAppWeb.PageController :index
websocket WS /socket/websocket MyAppWeb.UserSocket
When I hit submit ‘continue’ button in reset password page with or without entring any email I am getting error as shown below:
CaseClauseError at POST /reset-password
no case clause matching: {:error, #Ecto.Changeset<action: :update, changes: %{}, errors: [password_hash: {“can’t be blank”, [validation: :required]}, password: {“can’t be blank”, [validation: :required]}], data: #MyApp.Users.User<>, valid?: false>, %Plug
I have taken reference from the Pow module PowResetPassword.Phoenix.ResetPasswordController present in my project “deps” folder but not sure which one to use in “create” , “edit” and “update”. please suggest how can I over come this issue.
Marked As Solved
danschultzer
Your case statement is invalid. PowResetPassword.Plug.create_reset_token/2 returns {:ok, %{token: token, user: user}, conn} or {:error, changeset, conn}.
For security you should also respond with success no matter the result:
def create(conn, %{“user” => user_params}) do
conn
|> PowResetPassword.Plug.create_reset_token(user_params)
|> case do
{:ok, %{token: token, user: user}, conn} ->
# Send e-mail
conn
|> put_flash(:info, 'Check your email to reset password')
|> redirect(to: Routes.reset_password_path(conn, :new))
{:error, conn} ->
conn
|> put_flash(:info, 'Check your email to reset password')
|> redirect(to: Routes.reset_password_path(conn, :new))
end
end
Take a look at the controller for more.
Also Liked
danschultzer
Just for anyone who’s reading, the question was answered on Github: Custom controller for reset password using pow · Issue #354 · pow-auth/pow · GitHub
sveredyuk
@danschultzer I see. Thank you a lot for your amazing work.
Popular in Questions
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #javascript
- #code-sync
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance








