Build a password reset form with HTML

#Before you begin

  • Sign up for a Userfront account
  • In your Userfront Dashboard, note your workspace ID: this appears under the workspace name on your Overview page, and looks something like 123abc4d

In this section, we create a custom password reset form that allows a user to reset their password and includes:

#Example: custom password reset form

You can clone the example password reset form on CodePen and make edits, or follow along below.

#The password reset flow is as follows:

  1. A user requests a password reset email. Userfront sends the user an email. This email contains a link to reset the user's password.
  2. The user clicks the link. The link has a special token and uuid in the URL.
  3. The user submits their new password. The user submits their new password with the password reset form on the page. The form updates the user's password and then logs in the user.
  1. The example form has the Userfront Core JS library added to the document, as described in the section below.
  2. The token and uuid from the password reset email must be present in the URL. Thus, this example form does not reset an actual password.

#Add the Userfront Core JS library

Start by adding the Userfront Core JS library via CDN or using npm.

You only need to do one of these.



Then import the library into your file(s)

#Requesting a password reset email

In order to request a password reset email, call the sendResetLink() method with the user's email address.

Userfront will email the user with a link to your workspace's Password reset path.

The link will look something like:

#Set up the form

Create your password reset form with the elements you want to use.

In this case, we've added:

  • password - required to update the password
  • password-verify - optional, for checking the password before updating it

#Pass form data to Userfront.resetPassword()

The resetPassword() method allows the user to submit a new password.

Our JavaScript needs to call this method with the new password.

Userfront then does the following:

  1. Verifies the user's credentials
  2. Updates the user's password
  3. Adds the user's access token as a cookie named access.demo1234
  4. Redirects the page to the After-login path

#Example JavaScript

In the example code here, we do the following:

  1. Reference all the elements on the page
  2. Define a custom formResetPassword() method that calls Userfront.resetPassword() with the form value
  3. Add an event listener to call formResetPassword() when the form is submitted

#Password verification

Userfront will verify that the password is the correct length and format, and we can additionally verify that the user has typed what they intended by having them type it twice.

This "passwords match" verification is performed before sending the information to Userfront.

#Error handling

Whenever the Userfront.resetPassword() method fails, we can catch its error in the promise chain.

This error contains a message property with what went wrong.

In this example, we use the setAlert() method to display the error message inside of our alert element.