'What is the best way to retrieve an user token in order to reset its password?
I'm currently developing an application, creating an API with NodeJS - Express and implementing it React for the frontend, I want to be able to reset any user password via an email that contains the front end URL and its token as path param, for example, if I have something like:
baseUrl.com/reset-password/:token123
I want to decode the token in the backend and update the user's password based on its sub. My question here is, what is the best way to send the token? Via URL as path param (backend.com/endpoint/:token) or as a body attribute ({token: token})?
Solution 1:[1]
Normally the URL looks like "baseUrl.com/reset-password/:token123"
When the user clicking that, it goes to the browser -> Calling the GET API -> Get token in the back end from URL -> Validate token -> Show reset password/Invalid token component.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Ashwanth Madhav |