{"id":25000166,"url":"https://github.com/thinkmill/keystone-forgotten-password","last_synced_at":"2025-04-12T08:44:46.811Z","repository":{"id":57126376,"uuid":"86767852","full_name":"Thinkmill/keystone-forgotten-password","owner":"Thinkmill","description":"Keystone Password Reset Plugin for Keystone 4.0","archived":false,"fork":false,"pushed_at":"2019-05-16T09:59:09.000Z","size":127,"stargazers_count":13,"open_issues_count":6,"forks_count":5,"subscribers_count":23,"default_branch":"master","last_synced_at":"2025-04-12T00:17:10.180Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Thinkmill.png","metadata":{"files":{"readme":"README.md","changelog":"changePassword.js","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-03-31T02:06:19.000Z","updated_at":"2022-03-28T10:44:33.000Z","dependencies_parsed_at":"2022-08-31T08:12:03.821Z","dependency_job_id":null,"html_url":"https://github.com/Thinkmill/keystone-forgotten-password","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Thinkmill%2Fkeystone-forgotten-password","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Thinkmill%2Fkeystone-forgotten-password/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Thinkmill%2Fkeystone-forgotten-password/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Thinkmill%2Fkeystone-forgotten-password/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Thinkmill","download_url":"https://codeload.github.com/Thinkmill/keystone-forgotten-password/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248543825,"owners_count":21121837,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-02-04T19:31:43.372Z","updated_at":"2025-04-12T08:44:46.791Z","avatar_url":"https://github.com/Thinkmill.png","language":"JavaScript","readme":"# Keystone Forgotten Password\n\n[![Build Status](https://travis-ci.org/Thinkmill/keystone-forgotten-password.svg?branch=master)](https://travis-ci.org/Thinkmill/keystone-forgotten-password)\n\n\n## What is This?\nThis is for keystone applications only. Keystone projects having a user model may require a reset password setup. this plugin adds the required models and routes, you will have to interact with the routes yourself in your own application, including writing your own email handlers.\n\n### Note\n\nThis plugin assumes you have a `user model` with a password property with a keystone Password field type.\n\n\n## Exports\n\n```js\n\t// Exposes routes for a password reset\n\tconst forgotPassword = require('keystone-forgotten-password'); \n\t\n\t// Exposes a single route to change a password for a logged in User.\n\tconst { updatePassword } = require('keystone-forgotten-password');\n```\n\n\n## Prerequisites\n - Node V6+\n - Keystone 4.0.0.beta-5\n - User model with Password field type\n - The need to add a password reset to your application\n\n## Usage\n\nFor IP logging of requests ensure you set:\n``` js\n\tapp.enable('trust proxy')\n```\n\n### Forgotten Password\n\n```js\n\n// routes/index.js\nconst forgottenPasswordPlugin = require('keystone-forgotten-password');\n\nconst forgottenPassword = forgottenPasswordPlugin({\n\t// define what happens on the given email handlers.\n\tonForgotEmail: (locals) =\u003e sendForgotEmail(locals),\n\tonChangePasswordEmail: (locals) =\u003e sendChangePasswordEmail(locals),\n});\n\nexports = module.exports = function (app) {\n  app.get('/', routes.views.index);\n  app.use('/auth/', forgottenPassword); // routes are mounted on /auth/ auth/forgot, auth/change-password will be added\n};\n\n// model/User.js\nconst keystone = require('keystone');\nconst { enhanceUser } = require('keystone-forgotten-password');\n\nconst User = new keystone.List('User');\n\nUser.add({\n\temail: { type: keystone.Field.Types.Email },\n\tpassword: { type: keystone.Field.Types.Password },\n});\n\nenhanceUser(User);\n\nUser.schema.virtual('canAccessKeystone').get(function () {\n\treturn true;\n});\n\nUser.defaultColumns = 'displayName, email';\nUser.register();\n\n```\n\n### Update Password for Logged in Users\nIn the case where you have a 'Profile' page in your application and you want to allow user to change their password setup the following.\n\n```js\n\n// routes/index.js\nconst { updatePassword } = require('keystone-forgotten-password');\n\n\nexports = module.exports = function (app) {\n  app.get('/', routes.views.index);\n  app.use(middelwares.authenticated, updatePassword()); // route is added to /update-password\n  // alternatively\n  app.use('/profile', middlewares.authenticated, updatePassword());\n  \n  // forgottenPassword checks by default req.user from your custom middleware, want to check a different property i.e. req.appUser?\n  // want to send an email?\n  app.use('/profile', middlewares.authenticated, updatePassword({\n  \tuserRequest: 'appUser',\n  \tonChangePasswordEmail: (locals) =\u003e sendChangePasswordEmail(locals),\n  }));\n\n};\n\n\n```\n\n\n\n\n## Routes\n\n\n|\tRoute\t|\t\tPayload\t\t | Response |\n|-----|--------|----------|\n| POST /forgot | ```{ \"email\": \"test@test.com\" } ```| 400 for email validation, 200 for email exists or does not|\n|\tPOST | /change-password |\t```{ \"password\": \"usersNewPassword123\", forgotPasswordKey: \"(UNIQUE GUID Value)\" }```|\n| POST | /update-password (ensure this is behind auth middleware) | ``` {\"password\": \"usersNewPassword123\", \"existingPassword\": \"existingPassword\" } ``` |\n\n\n## API\n\n### Forgotten Password Plugin\n```js\nconst forgottenPasswordPlugin = require('keystone-forgotten-password');\n```\naccepts the following config object.\n\n|\tKey\t|\t\tValue\t\t | Required |\n|-----|------------|----------|\n| onForgotEmail: Function | requires a function which returns a promise. The promise is given the entire user object and ```forgotPasswordKey``` which must be provided in the reset password link to change-password in your front end application. | Yes |\n| onChangePasswordEmail: Function | requires a function which returns a promise. The promise is given the entire user object | Yes |\n| keyExpiry: number | Integer in hours, defaults to 24 hours. The key sent in the email will live until the given expiry | No |\n\n```js\nconst { enhanceUser } = require('keystone-forgotten-password');\n```\n\nTo add the additional property ```passwordLastUpdated: { type: Date },``` to your User model you can use this helper. Adding this field manually is possibly but not recommended.\n\n### Update Password Plugin\n```js\n// Exposes a single route to change a password for a logged in User.\nconst { updatePassword } = require('keystone-forgotten-password');\n\n```\n|\tKey\t|\t\tValue\t\t | Required |\n|-----|------------|----------|\n| onChangePasswordEmail: Function | requires a function which returns a promise. The promise is given the entire user object | No |\n| userRequest: string | name of property on express req object containing the current user defaults to req.user | No |\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthinkmill%2Fkeystone-forgotten-password","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fthinkmill%2Fkeystone-forgotten-password","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthinkmill%2Fkeystone-forgotten-password/lists"}