Clientside password reset

Evening! I was wondering if anyone knows how I can manage clientside password resets (with react-router HashRouter).

It seems the only way to request a password reset is via

supabase.auth.api.resetPasswordForEmail

supabase.auth.api.resetPasswordForEmail

supabase.auth.api.resetPasswordForEmail

supabase.auth.api.resetPasswordForEmail which I'm assuming (since it's an api method) should only be called on a server.

This discussion kind of confirms this https://github.com/supabase/supabase/pull/7443#discussion_r907523385

I have played around with using it on the client but the

redirectsTo

redirectsTo

redirectsTo

redirectsTo wont honour a hashed url (

http://localhost/#/password-reset

http://localhost/#/password-reset

http://localhost/#/password-reset

http://localhost/#/password-reset). It just redirects to the route of my app. It works fine if I take the

#

# out.

I've read a little about listening for the

PASSWORD_RESET

PASSWORD_RESET

PASSWORD_RESET

PASSWORD_RESET event in

supabase.auth.onAuthStateChange

supabase.auth.onAuthStateChange

supabase.auth.onAuthStateChange

supabase.auth.onAuthStateChange and then redirecting, but I've not managed to get that working yet. Surely this isn't the official solution?

Any pointers would be great...

GitHub

Add more details for the password reset by kiwicopple · Pull Reques...

Fix #7416
Fix #7443

garyaustin•8/20/22, 8:16 PM

You can use password reset from the client side. It does not require a service_role key.
In v2 they have changed it to make that more clear... supabase.auth.resetPasswordForEmail(......

gilroyOP•8/20/22, 8:26 PM

Yeah I tried using it even though I didnt think I was supposed to, but even so it doesnt seem to accept a route that's part of a react-router HashRouter. It just redirects back to the app route rather than /#/something-fun/#/something-fun

garyaustin•8/20/22, 8:28 PM

v2 has redirectTo, not sure if that is undocumented in v1....
const { error, data } = await supabase.auth.resetPasswordForEmail(email, options: {
redirectTo: 'https://example.com/update-password',
})

gilroyOP•8/20/22, 8:31 PM

yeah I've been using

supabase.auth.resetPasswordForEmail(email, options: {
  redirectTo: 'https://localhost:3000/#/reset-password',
})

supabase.auth.resetPasswordForEmail(email, options: {
  redirectTo: 'https://localhost:3000/#/reset-password',
})

If I take the

out everything redirects fine.

but it seems to get completely ignored. I"ll keep tinkering...just figured I'd check to see if I was missing anything obvious

garyaustin•8/20/22, 8:31 PM

I can't use redirects (PWA) so if someone requests a password reset I do a onetime email login and setup a 6 digit otp screen. Then in the signin email have template just have an OTP token. When they fill in the token I take them to the password update screen and just use auth.updateUser which works if you just logged in. Maybe be more work than you need.

gilroyOP•8/20/22, 8:59 PM

thanks pal...I'll keep trying

Clientside password reset

Similar Threads

Similar Threads

Similar Threads