https://github.com/saltukalakus/auth0-custom-password-reset-link

Auth0 custom password reset link with Webtask
https://github.com/saltukalakus/auth0-custom-password-reset-link

auth0 redirect-urls sendgrid webtask

Last synced: about 2 months ago
JSON representation

Auth0 custom password reset link with Webtask

• Host: GitHub
• URL: https://github.com/saltukalakus/auth0-custom-password-reset-link
• Owner: saltukalakus
• License: mit
• Created: 2017-02-08T21:20:14.000Z (about 8 years ago)
• Default Branch: master
• Last Pushed: 2017-02-10T21:53:20.000Z (about 8 years ago)
• Last Synced: 2025-01-11T04:44:08.050Z (4 months ago)
• Topics: auth0, redirect-urls, sendgrid, webtask
• Language: JavaScript
• Homepage:
• Size: 25.4 KB
• Stars: 2
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
## What it does?

In [Password Flow 2 option enabled accounts](https://auth0.com/forum/t/changepassword-v2-flow-and-force-password-reset/2535/1), with this simple project running on [Webtask.io](https://webtask.io)

you could replace the password reset email view of your Lock. With Webtask hosted reset email view, you could set different redirect to URLs for your applications even they are using the same client ID in the Auth0 dashboard which is currently not possible to setup from the management dashboard.

To make this possible, spin up a new instance of this project for each different redirect to URLs and in 

Lock configuration of your application set the [forgot password link](https://auth0.com/docs/libraries/lock/v10/customization#forgotpasswordlink-string-) to this instance.

Note that, your Lock version should be 10 or newer.

## How it works?

1- User clicks on Lock password reset link. 


2- Browser navigates to the instance of this project in webtask.io


2.1- Webtask instance provides it's own user interface to get the user email.


2.2- Webtask instance makes a [Management v2 API call](https://auth0.com/docs/api/management/v2#!/Tickets/post_password_change) to get the customised password reset link.


2.3- Webtask instance sends the received email link in 2.2 to user's email address provided in step 2.1


3- User clicks on the link.


4- User updates the password with Auht0 hosted page.


5- After the password update, user is redirected to the customised redirect to path configured in step 2.


## Prerequisites

* Install Node.js and Npm 

## Setup

* Setup a new client for management v2 API calls in Auth0 management dashboard


Follow [this link](https://auth0.com/docs/api-auth/config/using-the-auth0-dashboard) to make the setup.

While creating the client, select `Auth0 Management API` in your authorized API dropdown. 

In the next window enable your new client and select `create:user_tickets` scope. 

* Install libraries

```bash

npm install

npm install -g wt-cli webtask-bundle

wt init

```

* Copy the `sample_config.json` as `config.json` in the same folder.

* Get the Webtask token for your Webtask.io account. You can find the token with below command line call.

 

```bash   

wt profile ls --show-token

```

* Paste your Webtask token to config.json


`"webtaskToken":"YOUR_WEBTASK_TOKEN"`

* Fill the other required parameters in config.json.

  * Project name in the webtask link created. For each different redirect to update this setting.


  `"webtaskName": "custom-password-reset"`

  

  * ID of your Auth0 client created in [setup](https://auth0.com/docs/api-auth/config/using-the-auth0-dashboard)


  `"AUTH0_APIv2_CLIENT_ID":"YOUR_AUTH0_API_CLIENT_ID"`

  

  * Secret of your Auth0 client created in [setup](https://auth0.com/docs/api-auth/config/using-the-auth0-dashboard)


  `"AUTH0_APIv2_CLIENT_SECRET":"YOUR_AUTH0_API_CLIENT_SECRET"`

  

  * This project currently uses [SendGrid](www.sendgrid.com) for sending emails.
 

  `"SENDGRID_KEY": "YOUR_SENDGRID_KEY"`

  

  * Sender email


  `"fromEmail" : "YOUR@EMAIL"`

  

  * resultUrl is to configure the path to redirect to after password update. Check the [API](https://auth0.com/docs/api/management/v2#!/Tickets/post_password_change) for more details.


  `"resultUrl" : "YOUR_REDIRECT_TO_URL_AFTER_PASSWORD_UPDATE"`

  

  * connectionId should be the database connection id where user email is available.

  It starts with `con_` and this id is available in the URL when you click on a [connection](https://manage.auth0.com/#/connections/database) in 

  management dashboard.


  `"connectionId" : "YOUR_AUTH0_DB_CONNECTION"`

  * Your auth0 domain like MY_DOMAIN.auth0.com or MY_DOMAIN.aut0.au.com etc.


  `"auth0Domain": "YOUR_AUTH0_DOMAIN"`

* Bundle the project and upload to Webtask.io

```bash

npm run bundle

npm run deploy

```

## How to test

Click on the created webtask link 


`https://webtask.it.auth0.com/api/run/`YOUR_ACCOUNT`/`webtaskName

## Demo

2 SPA's with Lock are currently hosted in [now.sh](https://now.sh) with the below links. Both have the same client id in Auth0 dashboard. 

I have started a webtask for each so that when an email reset update completes in Auth0 hosted page user is

returned to the correct app. Please try yourself with your email in both of the apps. Note that as both Apps

use the same connection/db you need to create an account only once. Also notice that webtask urls for both apps

are different.

* [APP-1](https://build-xkqwxuiflr.now.sh)

* [APP-2](https://build-qhwjuvtumi.now.sh)

## Useful links

* [Webtask Basics](https://webtask.io/docs/101)

* [Sandboxjs](https://webtask.io/docs/sandboxjs)

* [Webtask Bundler](https://github.com/auth0/webtask-bundle)

## License

[MIT](LICENSE)