Reset Password
Run locally for transcripts
π¨βπΌ We've now successfully verified that the user owns the account, so now we
need to actually let the user reset their password. Just don't forget to ensure
the
action
and loader
both verify that the user has verified their
ownership. This is where signed cookies come in really handy (and specifically
our verifySessionStorage
)!So in this exercise, you'll need to make a function that gets the
resetPasswordUsername
out of the verifySession
, and if that doesn't exist
then send the user to /login
.You may want to also use our
requireAnonymous
utility we built earlier as well
so authenticated users don't end up here. They've got a different flow for
resetting their passwords as part of the settings anyway.You'll also be actually resetting the user's password once they submit the form.
Once that's done, you can destroy the
verifySession
.Good luck!