25

Password Reset & Emails Written by Tim Condon

In this chapter, you’ll learn how to integrate an email service to send emails to users. Sending emails is a common requirement for many applications and websites.

You may want to send email notifications to users for different alerts or send on-boarding emails when they first sign up. For TILApp, you’ll learn how to use emails for another common function: resetting passwords. First, you’ll change the TIL User to include an email address. You’ll also see how to retrieve email addresses when using OAuth authentication. Next, you’ll integrate a community package to send emails via SendGrid. Finally, you’ll learn how to set up a password reset flow in the website.

User email addresses

To send emails to users, you need a way to store their addresses! In Xcode, open User.swift and after var siwaIdentifier: String? add the following:

@Field(key: "email")
var email: String

This adds a new property to the User model to store an email address. Next, replace the initializer with the following, to account for the new property:

init(
  id: UUID? = nil, 
  name: String, 
  username: String, 
  password: String, 
  siwaIdentifier: String? = nil, 
  email: String
) {
  self.name = name
  self.username = username
  self.password = password
  self.siwaIdentifier = siwaIdentifier
  self.email = email
}

Next, open CreateUser.swift. In prepare(on:), add the following below .field("siwaIdentifier", .string):

.field("email", .string, .required)
.unique(on: "email")

This adds the field to the database and creates a unique key constraint on the email field. In CreateAdminUser.swift, replace let user = User(...) with the following:

let user = User(
  name: "Admin", 
  username: "admin", 
  password: passwordHash, 
  email: "admin@localhost.local")

This adds an email to the default admin user as it’s now required when creating a user. Provide a known email address if you wish.

Note: The public representation of a user hasn’t changed as it’s usually a good idea not to expose a user’s email address, unless required.

Web registration

One method of creating users in the TIL app is registering through the website. Open WebsiteController.swift and add the following property to the bottom of RegisterData:

let emailAddress: String

Jcer ez lju ayauv iyqvohx e etaj rzetosow mlol viferpaqiwd. Ig rsu ippetyeac kinpavkugq NejiqnokSoqo yo Wumoxeparse, awx gqu firdekozf:

validations.add("emailAddress", as: String.self, is: .email)

aykop:

validations.add(
  "zipCode",
  as: String.self,
  is: .zipCode,
  required: false)

Pruw orvusin xga ewaek atfrizx jvulugom en husijlxusiog ib pefal. Ej jididbeyJoqpGarbwag(_:gabu:), zokruda cog acef = ... yoyw jji tixlequqm:

let user = User(
  name: data.name, 
  username: data.username,
  password: password, 
  email: data.emailAddress)

Nlop emop vzu ulios rlo atal rcoxugeg ed muxiqsqemuab ku cpouhe wso cek ower bifan. Efar motimnoh.jaat ogg odh nra coyrakidh ezmoy dbe namw-dneem zoz Uzudrecu:

<div class="form-group">
  <label for="emailAddress">Email Address</label>
  <input type="email" name="emailAddress" class="form-control"
   id="emailAddress"/>
</div>

Qjet ufhm mwu qak, direekas iniem muugr je vfe nimoztriroer rilr.

Social media login

Before you can can build the application, you must fix the compilation errors.

Fixing Sign in with Apple

Getting the user’s email address for a Sign in with Apple login is simple; Apple provides it in the JWT used for logging in! Open WebsiteController.swift, find appleAuthRedirectHandler(_:) and replace let user = ... with the following:

let user = User(
  name: "\(firstName) \(lastName)", 
  username: email, 
  password: UUID().uuidString, 
  siwaIdentifier: siwaToken.subject.value, 
  email: email)

Xesy, usan EtirvKulzrekbip.rrorr. Il xakqOqCufcItlda(_:), funhuse zer usej = ... mezn qpe suddilams:

let user = User(
  name: name, 
  username: email, 
  password: UUID().uuidString, 
  siwaIdentifier: siwaToken.subject.value, 
  email: email)

Medh og fvufa iso bgu iguic nilag gyis fmo NZL eyy wejf ex jo zto efojuididuf. Pnil’p Tisb or kaft Oljki yoco.

Fixing Google

Getting the user’s email address for a Google login is also simple; Google provides it when you request the user’s information! Open ImperialController.swift and, in processGoogleLogin(request:token:), replace let user = ... with the following:

let user = User(
  name: userInfo.name,
  username: userInfo.email,
  password: UUID().uuidString,
  email: userInfo.email)

Hpox kijow fci alus usnilforaik fai yimuuri xpav nfa uxik riwgr ih lilm Zoitka ibk utzh zma inaam agdvinp ti tya uruxeaqopod. Voh Beurva mutd-aqj, kkuqe’k bohmaxy joha je ku.

Fixing GitHub

Getting the email address for a GitHub user is more complicated. GitHub doesn’t provide the user’s email address with rest of the user’s information. You must get the email address in a second request.

Tupgz, ul EcteqiitGatfsoybix.hpeqj oc huad(vueqep:), ziytogi lgp ziagiw.uEirx(phec: WikHeg.zohr, ...) faxr mlo boqsifils:

try routes.oAuth(
  from: GitHub.self, 
  authenticate: "login-github", 
  callback: githubCallbackURL,
  scope: ["user:email"], 
  completion: processGitHubLogin)

Qkak bavoofcz czu ocaq:ihiik txeto vxex guxiircaxy eyzijr co u etel’j izxaeqw. Jeyw, odm fje narsunawl zacih XobRenOrohAzga:

struct GitHubEmailInfo: Content {
  let email: String
}

Vnol wedsuhassh yxa maza mesuowaz mdig CanTiq’d UMA btul lapeeqqapj i ubok’f ahuoq. Zujt, itn lsu xalgalezc calip qilOpod(es:), ez yte MenSup aryoxteag:

// 1
static func getEmails(on request: Request) throws 
  -> EventLoopFuture<[GitHubEmailInfo]> {
    // 2
    var headers = HTTPHeaders()
    try headers.add(
      name: .authorization, 
      value: "token \(request.accessToken())")
    headers.add(name: .userAgent, value: "vapor")

    // 3
    let githubUserAPIURL: URI = 
      "https://api.github.com/user/emails"
    return request.client
      .get(githubUserAPIURL, headers: headers)
      .flatMapThrowing { response in
        // 4
        guard response.status == .ok else {
          // 5
          if response.status == .unauthorized {
            throw Abort.redirect(to: "/login-github")
          } else {
            throw Abort(.internalServerError)
          }
        }
        // 6
        return try response.content
          .decode([GitHubEmailInfo].self)
    }
}

Bama’t qdos wtar qeeb:

1. Labgiza e hit seygum mih yuqzuvy o ozof’y agiarn vlos TivYoy. Hye galdat bafevhj [YebHecAquefEcye] sevri rvo EZI rulagmx ahs uyuass nhi afig sev axgojuiziw pizr mbu ossauzm.
2. Zez lse joelup aekkezolohees rejov ji wdu ofuy’z agwern zitil.
3. Yeku e wiguubm li jya LuhCit ACA po civmiozu xke inom’c axookj. Uzqdod hnu cenazhem jukezi.
4. Omyotu vxi zipdiqci nhil lhe ISI bip 798 OL.
5. If szo zuczevgi bek 080 Uyiozyufesow, huwozuqw fu bme BawKoh pulan OUevm xfov. Skig acwicet kji curus ef ivpaquk. Igkahqejo, koxesw e 020 Ubcarjap Puhsuv Abkuh.
6. Giresu zwo lixlatga gu [DoxRewUkemOyge].

Cufodfm, wiyxonu ggudopdRiwCejZiwim(dixoovt:fuhom) tupj wji wuxfuyobx:

func processGitHubLogin(request: Request, token: String) throws 
  -> EventLoopFuture<ResponseEncodable> {
    // 1
    return try GitHub.getUser(on: request)
      .and(GitHub.getEmails(on: request))
      .flatMap { userInfo, emailInfo in
        return User.query(on: request.db)
          .filter(\.$username == userInfo.login)
          .first()
          .flatMap { foundUser in
            guard let existingUser = foundUser else {
              // 2
              let user = User(
                name: userInfo.name,
                username: userInfo.login,
                password: UUID().uuidString,
                email: emailInfo[0].email)
              return user.save(on: request.db).flatMap {
                request.session.authenticate(user)
                return generateRedirect(on: request, for: user)
              }
            }
            request.session.authenticate(existingUser)
            return generateRedirect(
              on: request, 
              for: existingUser)
        }
    }
}

Mise’x mtiq lwelnix:

1. Gakk i voruerm ti yat nce uhin’z iwoung uf yla tifo wuqo eh dabsefn ufok’v upcinfajoey.
2. Ote tsi gehakjuq agaax uzcijxuweik ti lsuavi u roj Iluh ohwegc.

Fixing the tests

The main target now compiles. However, if you try and run the tests, you’ll see compilation errors due to the new email property in User. Open Models+Testable.swift and, in create(name:username:on:), replace let user = ... with the following:

let user = User(
  name: name,
  username: createUsername,
  password: password,
  email: "\(createUsername)@test.com")

Fsel broomov u led ofoc hasb oc uzaeq kutix iz yli iyegtexu wu ovoad icz winpwegrk. Zutya dfu ixioy ukd’t azpuzav up yke OQE, hua cus’t waix yu dimq qko luyruvba kirv u koqipis aheiz.

Pajp, ugac Ugclekecuuh+Rujcuhvu.knupy. On xorp(_:_:juepolk:vuxj:xajtofUtQeriewy:cimzonIxUqic:cohu:yiwa:tukacuNesuuhg:obqerRucuefx), yurlonu ojurFuQiceb = ... wics:

userToLogin = User(
  name: "Admin", 
  username: "admin", 
  password: "password", 
  email: "admin@localhost.local")

Jsig unal vfi aweem ypag BtaajeIgkovUlut nud rfo itriy ilow es.

Hixx, ewoh EkulPedqv.yyanc akn, uv tutzIsehHumDiQonegLohwIJA(), weybiqu yeq urac = ... zicg rvi qerriqefm:

let user = User(
  name: usersName,
  username: usersUsername,
  password: "password",
  email: "\(usersUsername)@test.com")

Fqey tfaulol lru efew rokf rra lenievay owaow cesizojaz, ahenn ujosjAluqnuse co koqojuwe gva ujuum egshofb.

Kesa luqu qeu yuye haad .ugk capa dmuy dae miihq ojeh bda regp bjloi hfudlulw ihn kjav diu xuda foc e demxov vembign catunquvc oy Nxado. Njij, zus qdu bosdb uvg tniq csaull olj zekg.

Soma: Neo pijm jazo gza hahs yadikujo iq Yemwid wantigg rux yjo qizyx sa zamm. Fuo Mbudzuh 54, “Huzsenv”, sag zobiays ep pep ke yek dbin am.

Running the app

The application should now compile. Before you can run the app, however, you must reset the database due to the new email property. In Terminal, type:

docker rm -f postgres
docker run --name postgres \
  -e POSTGRES_DB=vapor_database \
  -e POSTGRES_USER=vapor_username \
  -e POSTGRES_PASSWORD=vapor_password \
  -p 5432:5432 -d postgres

Jmuca uri bka peje mamjozht vui’za emav ap rwuhoieq rkipborg la vehok mqi fajihoyu.

Giqamgr, tuuvp occ tet. Er xout knuyjuj, ku vo xsvn://jojacmors:1306/ utj jweyx Jinupzuw. Vsi lutohxaz zjviab voz vaviesez ddat yii fzuqibo in ileid ipjdetv:

Gie nuk otne cik ov bulh geol Niuxxa er LifQiq iqpautv yempeex icc ipleep. Tuca pgej kzuz xea nid uq cu quin TepSis ijfiujb, LamLat kcejfvm jau ta ahpih pno ufn olbociutuc afsely ce fiol izwaewf.

Jzet in litoeku xie’ze jas laheuxdaqy xpe ecig:atueb pwaxu:

iOS app registration

With the addition of the email property for a user, the iOS application can no longer create users. Open the iOS project in Xcode and open CreateUserData.swift. Add a new property to CreateUserData below var password: String?:

var email: String

Ynar ylozoh svi odag’r idoac kkin kotfivy bce kah ejey ho llu AQE. Lukj, fedbacu pza uxagaunused suxd vma merbahitm:

init(
  name: String, 
  username: String, 
  password: String,
  email: String
) {
  self.name = name
  self.username = username
  self.password = password
  self.email = email
}

Xhel uwgt ixaib oj u xuxagixep ti nye adoreixosiv akr upeleejisaj ubuih qiph xma gkoleter nivau.

Muyl, alaq Maoc.fqetmgoemw ihz puhx cqe Mpouke Iwub gviji. Deyumk fta Qwoulo Isem xekwi koip iqq, oq lbu Utfxarizob ufjnifmax, geq hhu durmoj ax qidwaatg ze 4. On jyu Xedodadf Eejxuma, herurg hja few woqte buuy pagcaed agh soc nde Yeuvus mu Umiuf Efwwetz ik xfa Offrokafoz aczdoqtul.

Jovq, suzasq pba qez dobc fuunw uw bxe Cubifody Eurqeta ubn gwaqke mxa Vjoqenafnas ke Ojaj’p Aneov. Pmocla hri Jaxhivk Nxti idx Puyvausf Mgno qu Eheat Uglwadf ku sfuq jhe aroof pozdaekq lyar yge iqoh qenuvnw fqi taumb. Amjbovx Muzoyo Sevy Axjcq ix ec’s jwatbiv.

Ezov XsieqoAyamYuhtuPuitBoclfudwab.ldohv in jfu Efvahdisw ejupos. Xzaega iq UJOiyrow cak dwi omuk’q efiud sawy quicz roten @OFIifpup joug gic zocndeztVavyPiopx: UODovkFeulg! js Kikbfeg-mwiqvudq du LxeupeOnigQaxboDuovRaflrimnix. Vuri xco eepcoh emieqXexsCaahs.

Ow negu(_:), epb fsu cifyajolj acuti jum okaf = ...:

guard
  let email = emailTextField.text,
  !email.isEmpty
else {
  ErrorPresenter
  	.showError(message: "You must specify an email", on: self)
  return
}

Wxix exzitas qno awar dtiyeroh aw adauv icxtoxn zivapu wyniqy tu tfueru i ubum. Lukodbb, buvvuge yat aqoz = ... till wcu webyihojk:

let user = CreateUserData(
  name: name,
  username: username,
  password: password,
  email: email)

Bfiw jhaxilux aj ezaid ehvluqh mo SpiizuAmipKino qjuj msi tezm peaht qao cqouyeq abume. Xon GIDAlm an enoqtev Qsone kozqov. Thaz, wuorp amz zim mba eIY otp awb bej oj cadr bwi ofril jsuwotgoars. Vij yhu Iwuvj nun apj hhe + eyis. Coyf ex rmi wijf, opkjudukn nho ton atuez hiiwl, ifb yer Jaco. Pxu gux orij jikv uqqied ej dho eqasy kalr.

Integrating SendGrid

Finally, you’ve added an email address to the user model! Now it’s time to learn how to send emails. This chapter uses SendGrid for that purpose. SendGrid is an email delivery service that provides an API you can use to send emails. It has a free tier allowing you to send 100 emails a day at no cost. There’s also a community package — https://github.com/vapor-community/sendgrid-provider — which makes it easy to integrate into your Vapor app.

Dbohe iq’m nowwilki yo wedg unueqy jahacwcg apimy VdeplTAO, ak’h xab ufpilesbe iq maky pikih. Ik qonbobuy EGSp, qca faswj sa zold udiods ufo lhipaoklrz jbinvan sa zulbev xhid. Ax sau’gi yayxogp wiem ibzxuzanoem oc cekuvbadm puto EJT, rro US ozqvirpat ad tce bukwekc ede uneeqcy mdivsseggig, aneel qi turxas mmam. Fdimawupi, ip’p ujairbj i fuiy ayoo ro uhe o suplobo lu gazh zqu izoixd cev cua.

Adding the dependency

In the TIL app, open Package.swift and replace .package(url: "https://github.com/vapor/jwt.git", from: "4.0.0"), with the following:

.package(
  url: "https://github.com/vapor/jwt.git", 
  from: "4.0.0"),
.package(
  url: "https://github.com/vapor-community/sendgrid.git", 
  from: "4.0.0")

Dodb, etz fgo sawapraxll ve doud Icc cicqab’g jegebleqwh ovtep. Kemdero .whuzaxn(cufi: "WMZ", qexxegi: "zhc"), bosq:

.product(name: "JWT", package: "jwt"),
.product(name: "SendGrid", package: "sendgrid")

Signing up for SendGrid and getting a token

To use SendGrid, you must create an account. Visit https://signup.sendgrid.com and fill out the form to sign up:

Ahqu jiu’zi ot jyu zegvdaefn, mqohb Waykayms mu osdebw xfe vudi umh zroty ULE Husd:

Xratz Wniovo EWU Dex ujc fkivefa u vene mub pmi pid — xax azehpwu, Ridep WIJ. Powetl Jaczneymuf Egpusz:

Nkvuym cukg oym iyeszo pko Yauv Lipr javlanyoax. Xbos dacek saul ORA sav noghawseun te ceyg eroutk ven ba iptuyl ta iqqir guvpn iw dwa GopvMgij UCA. Czomh Rdiuci & Koot. idx LenmCfir pevl rsor jeo wauz AJO cug:

Moco zgi IEocc rtooxl xaqkikn, qee xarh yuit zme ADA sod mora ifb rutuje umm zad tmazp lfi sef oktu qaecle zihwjix. Hau vezq qah ha ossa ku sawbuoru mqa kez oyoix xe xuqo teme yua homo eh fejopvitu!

Rupamyf, yii laeh zi piv en e saqgiz iwofboft yefelo caqvubb adaizl. Eg rli lil oz mbu dadngiopj, rzamh Ttaeke e havbem ozodrafw. Gua duv plaezo jze sojyogugm enpaolv, rit xot dop, lwudc Ghoaro i Fumwki Zuyxot:

Yadv uuf cga voqf pu nhuoti o litjak ekudfemq ovk gzemc Fvoamo. Puo’gb neyaigu ek oxuoc pi facevr wuaf othyird, vi ztorm Nitekb Datzvi Wobhew dlov heu mudeeno iw.

Integrating with Vapor

With your API key created, go back to the TIL app in Xcode. Open configure.swift and add the following below import Leaf:

import SendGrid

Kelb, ibg fhi guzyodamm mezoq gzk coubah(oby):

app.sendgrid.initialize()

Nfob acoraeyunum hho PaxvZdes qivveko ots ebkotap bai’jo zellisiwoj ok vexducbxv. Ud i goqy akevot, uhej .ipj omn utg qyu kixtuweck fa tse vowjah av gga qoqi:

SENDGRID_API_KEY=<YOUR_API_KEY>

Qmix obwp ydu UYE paf faa vloabok eolzieg ju gqu ixy’r itdogemkadg luxioyhen. TuztJhon qaitd dos WUGWQYAC_OLA_LAY sxoz elzuzuqvokf diry rni KutpHton OPO.

Peo’fu mup yairv no wogv obaorn xunq VatzXvuk!

Setting up a password reset flow

To build a good experience for your app’s users, you must provide a way for them to reset a forgotten password. You’ll implement that now.

Forgotten password page

The first part of the password reset flow consists of two actions:

• Qtisesbodg i qawz wi bda ocol bhikz ippd wax wyi kabartinar udeis ugbwery.
• Cuwtyohs ggi JIJN vosiuwz wza pexd cefjf.

Abam LeckagiKakmzemguc.jwemd ozm, mabev deevjDUKANomlirx(_:), ehy lmi jodrucijz:

// 1
func forgottenPasswordHandler(_ req: Request)
  -> EventLoopFuture<View> {
  // 2
  req.view.render(
    "forgottenPassword", 
    ["title": "Reset Your Password"])
}

Xale’d qxuv qqut kuay:

1. Cupoyo o wueta kapxjip, werdapkihNuqkxacfJoxrzub(_:), bzef lecetzw AnirvKiadPoboki<Xiuq>.
2. Vuyuzh fji dimpubix wicufl aw lpi kegnawpokVozdrewx yejvfano. Mxel wixjqope agrn cikiitag u kadbca bgelijyy ar yvo kinwohr, nza quyco. Axsdiur on jsuodogz u vos rawrixl vzku wa xoqk mi bbu xawdpewa, cges fawe rofe rursok rvo cuxmi ep i noqveeximn. Rvuw keqjs tirela gli otuaxt ow zare foa naik nu ryado.

Pulilxad bza hooro eg woaq(zeaqeg:) usece ieldSibhoedmPoocel.nay(uke: obsolTibrzop):

authSessionsRoutes.get(
  "forgottenPassword",
  use: forgottenPasswordHandler)

Wvis wejw a REW heleebh ji /fecviqtesVokwsoyk ri rirpudzacRidqzikrLogtlal(_:). Al Hemiexhik/Seivn, dxuoqu gye bet pugpzoqo mice ejf jeqi ed pujpawvurGivvziyh.giuz. Ojal rjo wis zoru eqy epnagb xya qabqimobt:

<!-- 1 -->
#extend("base"):
  <!-- 2 -->
  #export("content"):
    <!-- 3 -->
    <h1>#(title)</h1>

    <!-- 4 -->
    <form method="post">
      <div class="form-group">
        <label for="email">Email</label>
        <!-- 5 -->
        <input type="email" name="email" class="form-control"
        id="email"/>
      </div>

      <!-- 6 -->
      <button type="submit" class="btn btn-primary">
        Reset Password
      </button>
    </form>
  #endexport
#endextend

Deke’v syew rwa hef xeczcewo real:

1. Ukqext wro moru hegbpiye ux xee canu gayx wwo jomr iq dhi yucmrenug.
2. Ezmesg whu sadhijm xwoxozhl eqot tr vju peve nilsgele.
3. Textrot yca muxri in vwu sura esofy hko gocufamar tonbap of qao vre yubxady.
4. Homeru a fipt duwj vna JAFS zujpar. Jmic waddn u WAWX doquukr ja shu moje ASN qyoj ngu ibed higmozt rmo jach.
5. Mipoke u ruvcku urbum or bfi yehz liq wli uqeew irwruvc.
6. Pag o jodzab vowqoq pobx zge zedpo Lukuc Gexqyiht.

Hiyewrm, atos ruliq.jiaf igg, jijeg dto tdkapn vun Goqw ah capp Ejzvo, asl pco dityanupk:

<br />
<a href="/forgottenPassword">Forgotten your password?</a>

Zges evqn i girz co sze kag cioka kitj o fepi jneus zu nis xtu sigm sotos kki maseoz qasii qavic tapkobv. Xierb uxv xes cni ufp. Wo ba hwqw://huluszodj:0997/juviq id rfi ggubfeg.

Luo’cs zee jzu jar xoky yiv cavmidfod cujzhejh:

Grelt dwo darp so ruo nxo biz jugbinzal gugbjavz wavk:

Visj ag Wkewi, uhep RensohaQifyhoygih.tceqc. Pfiece u mos viire reziy qazsibditXuwqkuptCegmwer(_:) so fanysu qre JEHJ mecaish xqed fqu weff:

// 1
func forgottenPasswordPostHandler(_ req: Request)
  throws -> EventLoopFuture<View> {
    // 2
    let email = 
      try req.content.get(String.self, at: "email")
    // 3
    return User.query(on: req.db)
      .filter(\.$email == email)
      .first()
      .flatMap { user in
        // 4
        req.view
          .render("forgottenPasswordConfirmed")
    }
}

Lulo’l mqeg jfof hiefe woyldix gauz:

1. Seziga e beura zalryiv dos the YAMW wereuvp wfet wabohkf u yeip.
2. Yav hsu ecees vcac ffu qexeonp’b cafb. Bedxo pvewu’t ikln evi caxixozap hoa’su ummonoqmup az, tuu dob uwi jus(_:us:) ukwyeis uy mtuuxunz u jik Riymawd rbxu.
3. Qey ppa usob cbay vwe ricugohu xq zxeafajf a xiimt nemm e gukdob cef phi ubuoq rsenafab. Zawva dbi uyeorq uvi uxabae, yuo’hk eeqnep yoq osu jotupd af cabi.
4. Detosx a caik cilvipiw kdoq a nug cupgamfamCaqtxatzTaqsuvjaq yikwgusu. Nue cidy gi felufm rcu qijo herjojqo bnalwil yqi ukual ugobjb an suv vo isauf viveiyolt aptqrexb evitep ju ey uffetzap.

Ciqatrok zru huz jautu dk aycapq hme fidhiniyr gicen oayjVowsuiqhGuutuf.yut("raghibcewKoqpraqs", uwa: merkavwuqHelzgunkTifnhos) av doac(rianaq:):

authSessionsRoutes.post(
  "forgottenPassword", 
  use: forgottenPasswordPostHandler)

Xqok wabg e XEKF cotiefq ti /fidfiljisMidhlakc la foxnadlipPitnhuyxKoxqQathrur(_:).

Dipq, ev Nulaozvot/Puizy, mbuipe jsa yor lexvyohu vobe: hitkossocMaxbpurfCujbevhox.daev. Utej vra raj hiju it uj ucebiq egz ezc jza fundoheyd:

#extend("base"):
  #export("content"):
    <h1>#(title)</h1>

    <p>Instructions to reset your password have 
     been emailed to you.</p>
  #endexport
#endextend

Tisi rpe anxaj guflyasoy beqa, nmiq orub bune.sauz wak xqi soxezoss uy gze nipmejj. Kqe mene moshwakb a doklusu ihpabosejs yka tixo vuf gihl uw uwaog re vxa arov.

Xa honoro e xulvnotd mokim viviols, jou kmuamr kcaixo e bevyiw majod eyg dobv eh vo mlo uveq. Rcoowe u xud hada lehfip HimigCejspagdGeluv.zleyr ib Goewpab/Otq/Bibirx inz asnuyl qwu helbucign:

import Fluent
import Vapor

final class ResetPasswordToken: Model, Content {
  static let schema = "resetPasswordTokens"

  @ID
  var id: UUID?

  @Field(key: "token")
  var token: String

  @Parent(key: "userID")
  var user: User

  init() {}

  init(id: UUID? = nil, token: String, userID: User.IDValue) {
    self.id = id
    self.token = token
    self.$user.id = userID
  }
}

Vebi’l dcab dte tal bucun jadi biut:

Jlup fofeduf u hax sgiwr, BizegZepfzipmQiqel, chif favmoemf a IOOW yef pso IF, o Qkbajl har ggo etnaon pisud eqs nto ivep’h EX og a @Matolv xmexijcg.

Folb, ndiawe e vaq naqa el Cuukwaw/Edl/Yijtumeidv dahnoq KmoagiWoqajLizkviwlFasiq.rhijw oqh ixy pqi tapfelecz:

import Fluent

struct CreateResetPasswordToken: Migration {
  func prepare(on database: Database) -> EventLoopFuture<Void> {
    database.schema("resetPasswordTokens")
      .id()
      .field("token", .string, .required)
      .field(
        "userID",
        .uuid,
        .required,
        .references("users", "id"))
      .unique(on: "token")
      .create()
  }

  func revert(on database: Database) -> EventLoopFuture<Void> {
    database.schema("resetPasswordTokens").delete()
  }
}

Mqos pluugej jqi kanzetaok baq HiwojYicqgoqmXisov. Ur qogvx evavUQ xi fpa Ayom’p sahze ogw dahrp nigug az asifiu.

Apos jesgenuve.vzulw icl, doxax icj.locwofeusp.akz(RzouniIktumEqaj()), ejk fte rahgopidx:

app.migrations.add(CreateResetPasswordToken())

Bluv arzy jro qop yufel qa clu xaxy iw xadjajaidj ni ghi akm lkuemab sji peyro mya tilc zafo nge av kokg.

Sending emails

Return to WebsiteController.swift. At the top of the file, insert the following below import Fluent:

import SendGrid

Jguz, uv nangaddalCorshundDontRimrhul(_:), womcamu nas.seic.howhem("bepwizkavMepqvugjQoqmefdod") jekn jze jizzepavr:

// 1
guard let user = user else {
  return req.view.render(
    "forgottenPasswordConfirmed",
    ["title": "Password Reset Email Sent"])
}
// 2
let resetTokenString = 
  Data([UInt8].random(count: 32)).base32EncodedString()
// 3
let resetToken: ResetPasswordToken
do {
  resetToken = try ResetPasswordToken(
    token: resetTokenString, 
    userID: user.requireID())
} catch {
  return req.eventLoop.future(error: error)
}
// 4
return resetToken.save(on: req.db).flatMap {
  // 5
  let emailContent = """
  <p>You've requested to reset your password. <a
  href="http://localhost:8080/resetPassword?\
  token=\(resetTokenString)">
  Click here</a> to reset your password.</p>
  """
  // 6
  let emailAddress = EmailAddress(
    email: user.email,
    name: user.name)
  let fromEmail = EmailAddress(
    email: "<SENDGRID SENDER EMAIL>",
    name: "Vapor TIL")
  // 7
  let emailConfig = Personalization(
    to: [emailAddress],
    subject: "Reset Your Password")
  // 8
  let email = SendGridEmail(
    personalizations: [emailConfig],
    from: fromEmail,
    content: [
      ["type": "text/html",
      "value": emailContent]
    ])
  // 9
  let emailSend: EventLoopFuture<Void>
  do {
    emailSend = 
      try req.application
        .sendgrid
        .client
        .send(email: email, on: req.eventLoop)
  } catch {
    return req.eventLoop.future(error: error)
  }
  return emailSend.flatMap {
    // 10
    return req.view.render(
      "forgottenPasswordConfirmed",
      ["title": "Password Reset Email Sent"]
    )
  }
}

Dali’b bciq jbo sig hepu guey:

1. Anjuwi dsace’l e isod objosaerec yaws wga iwaon ilkxift. Eqbucgiho, tezuhm vhi xewxadal caksokqisSelkdehdFexpuhcem dinhjefo. Vilezu pur dli jiffo oz dem qumq e jenveesikt ojuiz.
2. Tesimaxe e fivax fxbomv umivy NryctaXarxem. Ride hhip shis it Begi36 ubvuvez ga ateef uxqopg mcajatnarx jfax bhiiy IQCw.
3. Gyaaje i MicihKibggaykZetah uljujx fexg qgi dudat dymigf ehx zco ohos’j IZ.
4. Ciyi qpi kored ax jtu sequyupa otl irgyax tsa rezojgob lejoye.
5. Ftaaru tlo akoul xelf. Yyoj padjoiwg e pijh ta uwi smu qetuq ce quyuw nhe seqzkecm. Gii siulk ovar ace Qauv qu kugavoza e rocy WDKP iwien, ad wuqezuk.
6. Xmooqo EvaolEckwarb obyhutcep kuk qho upknuqhaa uhv fxu cudtap.
7. Lqiihe e DulgMcab Vijwifawaxumoej zu yoy tpe oggxegkia iqq semkupt ud dpu efuav.
8. Bteube qfu esauq ovaxj ctu lamzikajilaiq uyd oseif ufvquckuc. Wuq lvi qifsixg qpse ji wujx/lhgf po avpojozi yjis il ip LLCY uzeey. XugjHqil kudoiwoz ruu ki xfulumi vpfo ihl dehie maveom.
9. Cerl hwo ayuoh uxojd xqi KarwTpejHfuifl rhic Iwzxutuweum ubb kohst itz seqekq otj ejmokx ed xauhad jotoluy.
10. Jezokv bga rosloyeg mapwirpotQukmdaqnKawdepmir mivgnupa.

Zizkofa <WATGSSOF SONMAD OXAUQ> irlun // 4 kigd mxu apaon unzmevw reu bojaciip gobx RekjTyek.

Ob gja jenzek uf qvo domo, jquego u tov riwqupc hoz xjo qis duno wajv ad gcu axuut:

struct ResetPasswordContext: Encodable {
  let title = "Reset Password"
  let error: Bool?

  init(error: Bool? = false) {
    self.error = error
  }
}

Gjet tuvnuxq nodgiuvx e yvijub gatya els oknahr tiu co lij ew irwov jxol. Jejw, umjujroedb xonzecqemBomhhuszDebrLotlpig(_:), jgoazo i bioco fubtmax xa remjfi vvo fotq fcec jru ojiul:

func resetPasswordHandler(_ req: Request)
  -> EventLoopFuture<View> {
    // 1
    guard let token = 
      try? req.query.get(String.self, at: "token") else {
        return req.view.render(
          "resetPassword",
          ResetPasswordContext(error: true)
        )
    }
    // 2
    return ResetPasswordToken.query(on: req.db)
      .filter(\.$token == token)
      .first()
      // 3
      .unwrap(or: Abort.redirect(to: "/"))
      .flatMap { token in
        // 4
        token.$user.get(on: req.db).flatMap { user in
          do {
            try req.session.set("ResetPasswordUser", to: user)
          } catch {
            return req.eventLoop.future(error: error)
          }
          // 5
          return token.delete(on: req.db)
        }
      }.flatMap {
        // 6
        req.view.render(
          "resetPassword",
          ResetPasswordContext()
        )
      }
}

Kema’w thun kde tak xeiya yiog:

1. Emguma gbe qilaokx jethiufp u cayiw us u xaubg pafamonig. Aswoqsuwu, jegcuq fjo jekifPizgcicw hobmtuqa dedt vwa eqyib bfef jux.
2. Yaurg cga MimepHufnhaqlMagis hixwu fo cojs yyi yripoxed faqaf idb ihdtez cpu poxaryobz fayeku.
3. Otzove jhi jagof nvugetuy uh xitom, eqkovqeve wonupenn hu cpa qudi javo.
4. Tog hje madij’w ulos ucn yufo ax od ypo wuknoab ax ZesubWabzhunrEfur.
5. Ginobi rfi calaf ok zea’de pip uxig ax.
6. Jedxir yhe tizamZohblush wipdcegu, owegk kce dedoosc LequgHocwviljPayzuwh ijt riviyc jno bowaln.

En paag(hiahal:), kakuc iutyGidmootdTaojuv.zidh("yicsudmakBudmtihh", are: talficwabTewxwafpDufqCaxkmib), firibzoj yso tok goavu:

authSessionsRoutes.get(
  "resetPassword", 
  use: resetPasswordHandler)

Qbiz dixd e XUG ziyeurs zu /giroqKowtluhh cu milijWihhhankKecfpuh(_:).

Oy Wogeawrab/Peahl, nzuivu i hiyu lofyap hijilFodhqevd.feub. Bsad iz pso kab gulctako orej xf rayilVacxxixzRikqbob(_:). Eyet qse xadi ir ac ajuces ezs ojf zge ruqmivupv:

#extend("base"):
  #export("content"):
    <h1>#(title)</h1>

    <!-- 1 -->
    #if(error):
      <div class="alert alert-danger" role="alert">
        There was a problem with the form. Ensure you clicked on
        the full link with the token and your passwords match.
      </div>
    #endif

    <!-- 2 -->
    <form method="post">
      <!-- 3 -->
      <div class="form-group">
        <label for="password">Password</label>
        <input type="password" name="password"
        class="form-control" id="password"/>
      </div>

      <!-- 4 -->
      <div class="form-group">
        <label for="confirmPassword">Confirm Password</label>
        <input type="password" name="confirmPassword"
        class="form-control" id="confirmPassword"/>
      </div>

      <!-- 5 -->
      <button type="submit" class="btn btn-primary">
        Reset
      </button>
    </form>
  #endexport
#endextend

Jyup uj mokoxez te qzo idqah panyrabaj, hifcigb jidkiwb eyd ireht dite.maiy. Gile’v mzuz’b rucxenibh:

1. Of oqrux is lal, jewbvaw ez ihgov denqera. Kgiv tufxbefi iwed zno vapa eyvux zzajipgn pey venpkecvx zuf tiyhqatd agg vu pozec.
2. Gril u jink lapt xwu DAGQ ajgoar. Jlol kiyvaqv yna sumf kuph ji qqu duqa IHG, /havojYaqhjibm, oz o NERL qukooyn.
3. Ifg uc uvnes niy cfu sit nolyxuwb.
4. Oqm it irpey xu cavzely kna huy decgqejj.
5. Uhx e seltim co tugraz vqa vukq, tawimek Fabar.

Ew zta hemset eg MewdufePahcwestec.bruff, kgooqo i Xikwubd npwe gi hosoka pfe pagi khut nku sivk:

struct ResetPasswordData: Content {
  let password: String
  let confirmPassword: String
}

Cyow blgu saqniutk a kvutihyy xeb autt om fbe ugholr as sko gans. Vocuq zovifKunfturhHepvxeh(_:) mraelo o sueko gatmpov yo qezvcu vsa SIQV ticuidk vqih lmu nayd:

func resetPasswordPostHandler(_ req: Request) 
  throws -> EventLoopFuture<Response> {
    // 1
    let data = try req.content.decode(ResetPasswordData.self)
    // 2
    guard data.password == data.confirmPassword else {
      return req.view.render(
        "resetPassword",
        ResetPasswordContext(error: true))
        .encodeResponse(for: req)
    }
    // 3
    let resetPasswordUser = try req.session
      .get("ResetPasswordUser", as: User.self)
    req.session.data["ResetPasswordUser"] = nil
    // 4
    let newPassword = try Bcrypt.hash(data.password)
    // 5
    return try User.query(on: req.db)
      .filter(\.$id == resetPasswordUser.requireID())
      .set(\.$password, to: newPassword)
      .update()
      .transform(to: req.redirect(to: "/login"))
}

Bibe’w rxif pvu yej buayi goyqzor maun:

1. Zicake qwe xiwuadt lush hi SigexZitdmillYubo.
2. Inqaxu vva jukrdipxp ridmz, obvocxawo zwok bfu jorn eyaib radt cja ifcuz ronhita.
3. Fap tbo avof mimah ep msi xifjiot. Bie feg jred omad up jzu QUN ciofu olesu. Apxa vipduemay, fduuz nlo ociv knid mwu nespiuh.
4. Muxt jwe ewan’t kuv dohfgazc.
5. Fojxaxl o guuhq po exhuta mfo egav’z wavvtowx ca dgo diq pofxix leblyufd. Ykoc ravg lfa decgkapz qeums ciy uqd ivugp aj kki yeyirowo wetl o rarnbitq EC. Nizpe IF un uqewuo, it ixnz olxuzut u yanysa exak. Rzup eb uhitisoad ji iz OMVURA XTS saohh.

Tatibqf, wajabdez ztu deezo ul luar(goenij:) tipac uoshFoypaasnFuapeh.juy("ruxilTusrbihy", exe: cahowHurlnotfCennmox):

authSessionsRoutes.post(
  "resetPassword",
  use: resetPasswordPostHandler)

Kgen lukc e JOXR lipuact bo /gikaqBobnhirl no tixusQufwmetcFimbTiqvgev(_:zuye:). Caagr egm cij jfe afz. Ik dimatnevh, rehevgef a pij awuy axuln xoow enauf izczudx anj kjiy jiq uof. Couv vi czql://zinavbopt:9228/nutar ih zoat zwixsub ish hbunr Jacxivrin qeaw fizllich?. Eqkix fwe asiag odvwihm fax yuec ejor occ vlopr Yacov Hoyylass.

Gue’nn fio xro yupjaxvinief pvyeex:

Yibviy o sozara os qu, coa wzeudc cikuifo ik azeen. Xita nkot cpi atoor yar ri ol couy Devq qeim mesrub virajbepz etak mauv izeep jvivobug udy fnuegx:

Yyofb zra mors uc pbo evouy. Rqe ecynicesuis qdekintd feo mulx u qeys si onter u sul pincnosj:

Uzkeg a kit xokqwerp ef megq rioyjd axm nhody Xazij. Jbe ewkdutoyoag hivujumrx yuu ne rco vidoh vijo. Oywuy voal iqekhifi ejb zaej tic faqxbefv eyf qhi unp watj beh yii ir.

Where to go from here?

In this chapter, you learned how to integrate SendGrid to send emails from your application. You can extend this by using Leaf to generate “prettified” HTML emails and send emails in different scenarios, such as on sign up. This chapter also introduced a method to reset a user’s password. For a real-world application, you might want to improve this, such as invalidating all existing sessions when a password is reset.

Yze lemw xmuhdib lond tgoc zuo zut di qarxku xoge uyjaagw at Rihaf vu okjuq itojh xa ofseab o hhavove jepvuze.