The “Forgot Password” feature in the app allows administrators to configure how users can reset their passwords. Admins can set up two options:
Send OTP to Email: An OTP (One-Time Password) will be sent to the user’s email. The user can then enter the OTP within the app to verify their identity and reset their password. The OTP is valid for 5 minutes.
Send Link to Email: A reset link will be sent to the user’s registered email address, allowing them to securely reset their password.
Setting App Builder
To enhance security and prevent hacker attacks, we have released and updated this feature in version 5.3.8 or above of the app builder. If you are using the “forgot password” feature sent OTP to your email, we recommend that you update the app builder.
Prerequisite
Plugin App Builder v5.3.8
or above
Activate App Builder features:
- Navigate to the App Builder page from the left sidebar.
- Click on features in the menu bar.
- Click to Forgot Password.
- OTP Expiration Time(minutes)
- Specify the time duration (in minutes) after which the OTP will expire and become invalid.
- OTP Attempt Limit
- Specify the number of attempts allowed to verify the OTP.
- OTP Verification Block Duration (minutes)
- Specify the time duration (in minutes) for which the user will be blocked from verifying the OTP after reaching the maximum number of attempts.
How to Change the Forgot Password Method?
Navigate to the General settings in App Builder to customize the Forgot Password method.
Note
The future since App builder 3.8.1
Gallery
Video
Send link forgot password
Send OTP to email
FAQs?
If you’re not receiving emails, please check the following:
– Ensure your hosting provider supports sending emails via PHP.
– Verify that port 25 is not disabled.
– Confirm that your SMTP settings are correctly configured, especially if you’re using a plugin to send emails.
1. Test Email Sending
Send a test email to verify that the email functionality is working. You can do this by:
– Use the forgot password feature on the website to test
2. Check Spam/Junk Folder
Sometimes, emails may be delivered to the recipient’s spam or junk folder. Please check these folders if do not receive the email.
Note: If you have checked both steps above and still do not see the email being sent, please recheck your server and domain settings.
– Check SPF and DKIM config for email server
– Authentication failures
– Incorrect SMTP server settings
– As for fixing the issue with SPF and DKIM records issue.
You can acquire the SPF and DKIM TXT records from cPanel -> Email deliverability. (video guide)
On source code Cirilla:
1: Convert time to seconds:
example: 1 minutes = 60 seconds or 2 minutes = 120 seconds
2: Open file: cirilla/lib/screens/auth/reset_screen.dart
3: Edit code: timeStart: 30,
or timeStart: 120,