WEBVTT

00:01.440 --> 00:06.480
So let's keep working on our reset password page, and I'm looking right now at the bottom part, the

00:06.480 --> 00:12.660
JavaScript, and what I need to work on next is the actual point from here on, after we get all our

00:12.660 --> 00:14.210
validation, everything is OK.

00:14.220 --> 00:17.640
We have two matching passwords and we need to send a payload.

00:17.850 --> 00:23.760
Now, we're not able to get the email from the form, so we'll change that the password, because we

00:23.760 --> 00:27.570
know that's what we have in the form and we'll call that password.

00:28.680 --> 00:32.090
So that gets the password and the email we pass to this as data.

00:32.970 --> 00:38.490
So email is actually equal to, in our case, index data.

00:39.660 --> 00:45.480
And we called it email and we closed the double quotes there and closed the double quotes here and give

00:45.480 --> 00:45.940
it a comma.

00:46.200 --> 00:47.280
So now we have our payload.

00:48.980 --> 00:50.970
And we're not going to go to forgot password.

00:51.590 --> 00:53.710
We're going to go to reset password.

00:54.060 --> 00:56.180
We get an error, we're still going to show the error.

00:56.750 --> 01:02.780
But if we get success, I actually want to display just for a couple of seconds the success message

01:02.780 --> 01:06.710
that says password has been reset and then I'll take them to the login page.

01:07.040 --> 01:09.040
So I'll just say Satima.

01:11.500 --> 01:12.580
And that will be a function

01:16.480 --> 01:23.740
and all we're going to do in there is after two thousand milliseconds, which is two seconds will say

01:23.740 --> 01:25.660
location, a trip.

01:26.330 --> 01:29.760
It was the longest I can log in at that point.

01:31.940 --> 01:39.030
So we've got this all set up now when you go to the back end and add a route for resetting the password.

01:39.920 --> 01:42.830
So let's go to our API roots route, Stasch API.

01:44.750 --> 01:49.820
Then right here, duplicate this line and change that to reset password.

01:52.660 --> 01:58.000
And we'll call a function which we'll just call reset password,

02:01.180 --> 02:02.300
which we have create now.

02:02.470 --> 02:04.390
So let's go to our handlers API.

02:08.130 --> 02:14.670
And right at the bottom, I'll add any function function with a receiver at the point of the application

02:16.050 --> 02:21.600
reset password, give it its two required parameters.

02:30.420 --> 02:33.720
OK, let's give ourselves some room and start writing this.

02:34.950 --> 02:40.560
Now we know we're getting a Jason payload, so let's create a variable called payload and it's a struct

02:42.120 --> 02:43.410
and it only has two fields.

02:44.040 --> 02:51.600
Email, which is a string and an adjacent that's going to be called email and password.

02:51.750 --> 02:53.700
The new password, which is a string.

02:53.820 --> 02:56.430
And in JSON that's called password.

02:59.640 --> 03:06.360
And of course, we just read our Jason, so we check for an error is Abdul-Karim Jason and it requires

03:06.360 --> 03:10.380
W and R and we're going to read into our payload variable.

03:10.380 --> 03:11.100
We just create it.

03:11.860 --> 03:12.750
If there's an error,

03:16.590 --> 03:23.940
we'll just say after that request and you can do whatever you want that are error and return.

03:26.640 --> 03:33.210
Once we have the Jason, let's go get the user by email, so user and potentially there are assigned

03:33.210 --> 03:40.490
the value of DB, don't get user by email and that would be payload email.

03:42.360 --> 03:50.080
And again, we check for an hour, just copy and paste them and give ourselves some more room.

03:50.490 --> 03:55.890
Now I'm going to use that user because I need to create a database function that resets a password with

03:55.890 --> 03:57.720
user ID and that gets me the user I.D..

03:59.670 --> 04:01.430
So now let's create a new hash.

04:01.440 --> 04:03.660
We have the password and so let's create a new hash.

04:04.020 --> 04:05.040
And this is really easy.

04:05.340 --> 04:12.720
We just use the standard decrypt library decrypt and we want to generate a hash from a password.

04:12.720 --> 04:14.640
And it requires two arguments.

04:14.640 --> 04:17.940
The first one has to be a slice of bytes and it's the new password.

04:17.940 --> 04:19.470
So that's payload password.

04:22.590 --> 04:24.260
And the second one is just an integer.

04:24.480 --> 04:26.070
How big a hash should this be?

04:26.070 --> 04:27.990
And 12 is what we've been using right along.

04:27.990 --> 04:29.670
So let's use 12 then.

04:29.670 --> 04:31.240
That's kind of the standard for this sort of thing.

04:31.290 --> 04:34.970
Again, if there's an error, I'll just paste in what was on my clipboard.

04:35.730 --> 04:40.980
So now we have the new hash for the user, the new password hash, because we're not storing the password

04:40.980 --> 04:42.540
in the database for storing the hash.

04:42.930 --> 04:48.600
So what I'll do now is call a function that I haven't written yet after DV dot and I'm going to call

04:48.600 --> 04:52.890
it update password for user.

04:52.890 --> 04:54.060
And I will take two arguments.

04:54.660 --> 04:58.380
A user and the new hash, new hash, which has to be a string.

04:58.740 --> 05:06.130
So I'll just convert my hash to a string new hash and I'll check for an error.

05:06.690 --> 05:09.260
Now this doesn't exist yet, so let's go over to models.

05:09.460 --> 05:12.570
Go and just write it because it's a very, very simple function.

05:13.290 --> 05:16.650
So models don't go at the very bottom.

05:16.800 --> 05:27.540
I'll create a new function func with a receiver m DB model and it's going to be called update password

05:27.540 --> 05:28.230
for user.

05:28.500 --> 05:30.030
And it requires two arguments.

05:30.240 --> 05:37.440
You, which is a user and hash, which is a string, potentially it returns an error.

05:40.020 --> 05:47.220
So I return at the very end, then I'll go up to the top and copy my contact stuff as I always do.

05:51.210 --> 06:00.440
And I will write my statement statement as TMT is a sign the value of update users set password.

06:00.750 --> 06:04.190
I called a password even though we're not storing password because it's easy to find that way.

06:05.620 --> 06:12.500
Equaled questionmark, where idee equals to questionmark and we just ignore the first return.

06:12.520 --> 06:22.750
We still care about the result, but we do care about the error is a sign the value of Amla, GB, the

06:23.290 --> 06:26.170
exact context, and we give it the context.

06:28.180 --> 06:36.550
We give it the new password, which I called hash, and we give it the user, which is Utah ID, and

06:36.580 --> 06:37.270
we check for an error.

06:37.870 --> 06:41.050
If error is not equal to nil, I should have to give it.

06:42.320 --> 06:48.290
Statement to CMT, that's better if air is not equal to no

06:51.980 --> 06:58.710
return or otherwise return, which is already there, so that should take care of that.

06:58.730 --> 07:00.740
So let's go back to our API handlers.

07:00.930 --> 07:02.620
Temblors Dash API Duko.

07:03.080 --> 07:04.510
We've now updated the password.

07:05.240 --> 07:10.010
So at this point, all we have to do is send back a Jason response saying everything went as expected.

07:10.340 --> 07:17.390
VAR RESP is a struct and it has an error which is a bool.

07:17.720 --> 07:26.150
And in adjacent that's called error and it has a message which is a string which we're ignoring.

07:26.150 --> 07:27.160
But I'll put it in there anyway.

07:28.940 --> 07:31.520
Jason, message

07:34.460 --> 07:39.470
rasped error equals false because there is no error.

07:41.420 --> 07:54.230
Message is equal to password change and I just write to Jason after Jason give it w htp dot status created

07:54.920 --> 07:57.230
just fine and respin.

08:00.390 --> 08:01.620
And that should be it.

08:01.980 --> 08:05.700
So let's try this, OK, let's make sure everything is stopped.

08:05.960 --> 08:08.760
Make stop start.

08:13.440 --> 08:23.790
And let's go back to our Web browser and let's click on Forgot Password admin at example dot com.

08:26.730 --> 08:32.790
So it should have sent the email so ago to Mail Trap, and there it is, click on the link.

08:34.510 --> 08:37.360
There's my password form, so my old password was password.

08:37.390 --> 08:44.230
I'll make the new one password to password to reset the password.

08:45.830 --> 08:46.760
Password reset.

08:47.890 --> 08:53.560
And now I'm with the logging streets and I'll try logging in as an example, not with the old password

08:54.220 --> 08:55.990
password log it.

08:57.010 --> 08:58.850
Invalid authentication credentials.

08:58.870 --> 09:00.160
Now I'll put it to at the end.

09:01.730 --> 09:08.060
And I've logged in successfully, so we've managed to update the user's password, so that's it for

09:08.060 --> 09:08.990
this part.

09:09.170 --> 09:11.060
Let's move on to the next task.