WEBVTT

00:03.700 --> 00:05.110
Hey, did everyone that they shared.

00:05.110 --> 00:10.510
And in this video, we're going to work on the forgot password so we know that how we can send the email.

00:10.510 --> 00:15.790
So the idea is if somebody visits the slash forgot password, he will send us the email in the body

00:15.790 --> 00:17.200
or the JSON format.

00:17.200 --> 00:23.050
And on that email we'll be shooting up an email based on whether we are able to find the user or not

00:23.050 --> 00:27.640
and the email is going to be a little bit crafted like this slash password, slash reset and then we'll

00:27.640 --> 00:29.110
be able to grab the token.

00:29.110 --> 00:31.810
So we'll be working on just the forgot password in this video.

00:31.810 --> 00:34.510
And in the next one we'll be working on the forgot password section.

00:34.510 --> 00:36.370
Again, this is fairly, fairly simple.

00:36.370 --> 00:40.990
Once you see me walking through that, how this is being done, you'll be able to do it for any of the

00:40.990 --> 00:46.390
application coming up to future into your place so we can close this email helper.

00:46.390 --> 00:48.430
We'll come back onto this later.

00:48.430 --> 00:50.140
Let's go into the user controller.

00:50.950 --> 00:56.920
So what we're going to do is let's go ahead and kind of copy a method so that we have this boilerplate

00:56.920 --> 00:58.630
code, in fact, duplicate that.

00:59.050 --> 01:06.310
And we're going to be calling this one as simply forgot password, forgot password in case anything

01:06.310 --> 01:07.300
else makes sense to you.

01:07.330 --> 01:09.580
Go ahead and simply go ahead and use that.

01:10.090 --> 01:10.390
Okay.

01:10.420 --> 01:16.750
So again, we have got sign up, log in and this log out.

01:16.750 --> 01:18.430
So we have actually changed this one.

01:18.430 --> 01:19.210
This one.

01:19.210 --> 01:22.960
I preferably like to cut it out and go at the end of it.

01:22.960 --> 01:25.870
So again, doesn't really matter, doesn't really bother.

01:26.140 --> 01:27.790
Okay, let's go ahead and remove this.

01:27.790 --> 01:30.820
The first step is to actually extract the email.

01:30.820 --> 01:33.490
So let's go ahead and say, hey, I would like to grab the email.

01:33.490 --> 01:39.220
So this is how the email will be coming up and we'll be collecting it from request body.

01:39.220 --> 01:39.710
Okay.

01:39.850 --> 01:41.890
Now I have this access of email.

01:41.890 --> 01:47.680
The first thing that I would like to do is check whether this email exists into my database or not.

01:47.680 --> 01:52.060
And for that really simple user dot, find one.

01:52.090 --> 01:52.960
There we go.

01:52.960 --> 01:56.530
And I can go ahead and pass on this email directly here.

01:57.970 --> 02:01.840
If this email exists, I would like to hold it into a variable.

02:01.840 --> 02:04.600
So I'm going to go ahead and call this one as simply user.

02:04.810 --> 02:09.340
And since this is an operation which is happening on another continent, obviously, I'll go ahead and

02:09.430 --> 02:10.420
wait for a minute.

02:10.750 --> 02:13.420
Now, coming up on to the user model.

02:13.420 --> 02:18.640
We have designed a couple of methods specifically this get password token.

02:18.640 --> 02:23.980
A couple of things very interesting here that notice it is definitely getting us this forgot token so

02:23.980 --> 02:26.650
I can run this method and get the token itself.

02:26.650 --> 02:30.880
It is also setting up the expiry, but it is not saving anything in the database.

02:30.880 --> 02:31.840
Very, very crucial.

02:31.840 --> 02:34.510
And you don't save things right into these methods.

02:34.510 --> 02:39.520
Whoever is using these methods needs or have a responsibility to save them.

02:39.520 --> 02:41.320
So let's say that we want to use this.

02:41.320 --> 02:44.170
Get password token, get forgot password token.

02:44.170 --> 02:45.580
Let's go ahead and use that.

02:45.580 --> 02:52.780
So we're going to go ahead and say that this is my forgot token and how we are going to access that

02:52.780 --> 02:57.370
remember, small u user because that's the object and we're going to go ahead and paste that.

02:57.610 --> 03:04.870
Now this has kind of initiated a process in which the token is being given to me, but also this forgot

03:04.870 --> 03:10.960
password expiry time is also being saved up here, but it hasn't been saved onto the database yet.

03:10.960 --> 03:12.430
So how we are going to do that?

03:12.430 --> 03:16.540
We need to first work on this user and we have to simply say dot save.

03:16.600 --> 03:21.580
Now, in theory, in most of the cases you'll see that this actually works most of the time.

03:21.580 --> 03:26.650
But sometimes your model is designed in such a way that you are saving the things it requires some of

03:26.650 --> 03:31.180
the compulsory field at the saving of the time, and we are not passing all of them, we are just passing

03:31.300 --> 03:32.200
two of them.

03:32.200 --> 03:37.660
So in some cases you can go ahead and simply say that, hey, I want to simply say to you that, hey,

03:37.900 --> 03:39.130
go ahead and validate that.

03:39.130 --> 03:41.710
So validate before save.

03:41.710 --> 03:44.380
I can go ahead and turn on this flag as false.

03:44.650 --> 03:49.120
Make sure you write that carefully before save.

03:49.120 --> 03:49.840
Yeah, looks great.

03:49.840 --> 03:54.190
So what it's going to do, it's temporarily going to just not check everything and we'll save the data

03:54.190 --> 03:56.650
however you are asking it to save again.

03:56.650 --> 04:00.580
We are doing this because we know exactly what we are doing and that's why this flag is being used.

04:00.580 --> 04:02.200
Usually people don't like to use it.

04:02.200 --> 04:07.240
Including me. Again, I told you this all operation happens on another continent, so make sure you

04:07.240 --> 04:08.110
await there.

04:09.010 --> 04:09.170
Okay?

04:09.370 --> 04:10.090
So this is good.

04:10.090 --> 04:11.800
Now I have a forgot token.

04:11.800 --> 04:16.660
All I have to do my database job is all done thanks to the methods that I've designed earlier.

04:16.660 --> 04:22.420
Now the responsibility is that I need to send this forgot token to the user and not just to the user.

04:22.420 --> 04:28.030
Because if I go ahead and look on to this, any email, this is not going to be simply slash forgot

04:28.030 --> 04:34.090
password and user knows automatically that I have to say localhost colon 4000 or learn code online something

04:34.090 --> 04:35.080
it doesn't really know.

04:35.080 --> 04:41.680
So we need to craft a URL for this particular kind of a string slash password slash reset and then colon

04:41.680 --> 04:42.250
token.

04:42.250 --> 04:44.680
So let's go ahead and craft a URL for that.

04:45.460 --> 04:51.820
So let's go ahead and say simply my URL, my URL, feel free to name it anything.

04:51.820 --> 04:52.690
It doesn't really matter.

04:52.690 --> 04:56.770
We're going to use the backticks up here because obviously we are going to use some of the variables

04:56.770 --> 04:57.310
up here.

04:57.400 --> 05:01.270
The first thing we're going to go ahead is request protocol.

05:01.270 --> 05:01.810
Now, this is

05:02.100 --> 05:05.580
to verify whether you have HTTP or HTTPS. It's the same thing.

05:05.580 --> 05:07.930
We talked about the documentation exactly same.

05:07.950 --> 05:12.030
Then we have colon slash slash and then we have to get the host name as well.

05:12.030 --> 05:18.090
So let's inject another variable up here and we're going to go ahead and say request dot get and inside

05:18.090 --> 05:20.130
the get we are going to go ahead and say host.

05:20.130 --> 05:22.740
Yeah, it comes up in the double quotes like that.

05:23.070 --> 05:24.330
Okay, so this is all done.

05:24.330 --> 05:29.430
Now you have got the host name as well, whether it is localhost colon 4000 or it is learn code online,

05:29.430 --> 05:31.200
whatever it is, it's going to come in.

05:31.320 --> 05:33.510
Now, on top of that, you are putting up a slash.

05:33.510 --> 05:38.760
Remember, again, we are trying to craft this URL, slash password, slash reset and the colon token.

05:39.090 --> 05:46.260
So we're going to say slash password, slash, reset, feel free to convert it into however you like,

05:46.260 --> 05:51.570
but make sure you remember it because obviously later on we will grab this token from this exact URL.

05:51.780 --> 05:57.750
So after that, we are going to go ahead and inject another variable that is going to be simply forgot

05:57.780 --> 05:58.440
token.

05:59.340 --> 05:59.570
Okay.

05:59.790 --> 06:03.750
So now this entirety of the token and everything is all done, this is all good.

06:03.750 --> 06:09.420
Now only thing remaining up is to shoot an email and send this one to the user, whoever is requesting

06:09.420 --> 06:10.020
this one.

06:10.140 --> 06:13.350
So let's craft a message based on this URL.

06:13.350 --> 06:18.990
So we're going to go ahead and say, Hey, this is my message and this message is going to be something

06:18.990 --> 06:19.710
like this.

06:20.760 --> 06:32.820
As of now, we are saying copy paste this link in your URL and hit enter and then we can use a couple

06:32.820 --> 06:35.610
of slash lines so that it gives us a new line.

06:35.760 --> 06:39.150
And all we are going to go ahead and do is inject a variable.

06:39.150 --> 06:40.920
So let's go ahead and inject a variable.

06:40.920 --> 06:42.450
That is my URL.

06:43.140 --> 06:44.190
Come on, suggest me.

06:44.190 --> 06:44.760
There we go.

06:45.000 --> 06:47.580
So this is our really crafty message.

06:47.580 --> 06:52.500
Surely you can go ahead and make it more beautiful and stuff, but I'm not interested in that.

06:52.830 --> 06:57.750
Now, one more thing interesting up here, we have crafted this message, but now it's only remaining

06:57.750 --> 06:59.070
is to send an email.

06:59.100 --> 07:01.800
Now sending the email is really, really tricky.

07:01.800 --> 07:04.530
One, it can fail more often than you can think for.

07:04.530 --> 07:09.030
So that's why I always like to wrap these email stuff into a try and catch block.

07:09.330 --> 07:13.320
Interestingly, if the email goes nicely, that is all going to come in the try catch.

07:13.320 --> 07:15.900
But the most important or the learning part is the catch.

07:15.900 --> 07:17.910
What if the email is not properly sent?

07:17.940 --> 07:20.520
Then things go absolutely crazy wrong.

07:20.520 --> 07:26.160
Because if you remember in the models we have actually set these fields which are these forgot password

07:26.160 --> 07:28.140
token and forgot password expiry.

07:28.140 --> 07:31.290
Next time the user comes in, he is going to get these filled up.

07:31.320 --> 07:32.310
That is not good.

07:32.310 --> 07:34.080
These fields should be emptied out.

07:34.080 --> 07:37.350
So what we're going to do is we're going to go ahead and take those fields.

07:37.350 --> 07:39.660
So let's go ahead and take this one.

07:39.900 --> 07:42.420
So this user has two fields.

07:42.420 --> 07:43.980
I would like to grab it from here.

07:43.980 --> 07:51.090
So this token, go ahead and place this one and there is another one which is forgot password expiry.

07:51.090 --> 07:53.880
These fields need to be flushed out.

07:53.910 --> 07:57.330
How do we flush them out or kind of make them empty?

07:57.360 --> 08:00.690
We have already seen that in the past, just like we do in the password field.

08:00.690 --> 08:05.940
So we go ahead and simply say, hey, this is going to be undefined and this is also going to be undefined.

08:06.330 --> 08:08.430
Now obviously you have just undefined it.

08:08.430 --> 08:09.630
You haven't saved it.

08:09.630 --> 08:15.570
So to save this, we're going to use again the same line that we just wrote again with validate before

08:15.570 --> 08:16.080
Save.

08:16.290 --> 08:17.520
So let's go ahead and do that.

08:17.520 --> 08:18.300
And that's it.

08:18.300 --> 08:20.490
That's all you got to do to save this one.

08:20.490 --> 08:22.080
But that's not all about it.

08:22.080 --> 08:23.820
We need to return an error here.

08:23.820 --> 08:27.840
So we're going to go ahead and say, hey, if anything goes wrong, let's go ahead and wrap it up with

08:27.840 --> 08:28.530
the next.

08:28.530 --> 08:31.590
We're going to go ahead and handle it with the custom errors.

08:31.830 --> 08:37.920
And we're going to simply say that, again, we are receiving this error here so we can go ahead and

08:37.920 --> 08:39.540
simply just dump the message here.

08:39.540 --> 08:41.610
So we're going to go ahead and say error message.

08:41.610 --> 08:45.960
Surely errors can be handled a little bit more beautiful than this, but we're going to go ahead and

08:45.960 --> 08:47.490
throw probably 500 here.

08:47.790 --> 08:50.400
So again, this is the most interesting part up here.

08:50.400 --> 08:54.810
And a lot of interviewers are actually worried about this part because anybody can handle the good part.

08:54.810 --> 08:57.180
The bad part is what you need to worry about.

08:57.570 --> 08:57.960
Okay.

08:57.960 --> 09:00.840
Let's go ahead and see that how we are going to send this email.

09:00.840 --> 09:05.250
So I'm going to go ahead and simply use await because email takes time always.

09:05.250 --> 09:07.740
And then we are going to use the email helper.

09:07.750 --> 09:14.550
So I'm going to go ahead and say, hey, email helper, that's not going to come on automatically.

09:14.550 --> 09:16.020
Are we exporting that even?

09:16.260 --> 09:19.710
Yeah, I'm exporting mail helper, so copy that.

09:19.950 --> 09:22.500
And it is not email helper but it is mail helper.

09:23.990 --> 09:24.710
Come on.

09:24.980 --> 09:25.490
There we go.

09:25.520 --> 09:27.490
Mail helper. I love that.

09:27.500 --> 09:29.750
That it automatically imports that for me.

09:29.840 --> 09:30.830
I love that thing.

09:31.100 --> 09:32.930
Again, in case yours is not working.

09:32.960 --> 09:35.570
Go ahead and simply just add the line there.

09:35.950 --> 09:36.500
Okay.

09:36.650 --> 09:40.910
So this is the mail helper, but mail helper expects you to pass on an object.

09:40.910 --> 09:47.720
And inside the object we expect email, subject and at least the message so we can craft an object and

09:47.720 --> 09:50.930
store that in a variable or we can just go ahead and do like this.

09:51.200 --> 09:55.280
So email, subject and message, let's go ahead and give it that.

09:55.280 --> 09:56.960
So first field is email.

09:56.960 --> 10:04.970
So email is going to be simply whatever the user dot email notice we can use the user dot email field

10:04.970 --> 10:08.810
because user obviously saved or we can use this email.

10:08.840 --> 10:09.590
Kind of a same.

10:09.590 --> 10:13.490
We have already verified these things throughout here, so this is all what we got.

10:13.520 --> 10:15.410
Now we haven't taken care of the situation.

10:15.410 --> 10:17.600
What happens when we don't find the user?

10:17.600 --> 10:19.610
So yeah, that needs to be taken care of.

10:19.640 --> 10:20.450
Reminds me.

10:20.990 --> 10:27.200
Okay, so let's go ahead and say if I don't find a user, I'm going to go ahead and say return

10:27.350 --> 10:37.850
next and we're going to say new custom error and we're going to say email not found

10:40.160 --> 10:41.570
as registered.

10:42.410 --> 10:45.300
And we're going to pass on a simple 400 error.

10:45.320 --> 10:46.100
That's it.

10:46.260 --> 10:46.480
Okay.

10:46.490 --> 10:48.830
So we have already verified now 100% sure.

10:48.830 --> 10:54.710
And now here onto this part, we can go ahead and pass on either user dot email or whatever the email

10:54.710 --> 10:55.250
you got.

10:55.500 --> 10:55.820
Okay.

10:55.820 --> 10:56.840
Next one is subject.

10:56.840 --> 10:59.800
So let's go ahead and say, hey, I want to pass on a subject.

10:59.810 --> 11:01.720
This one is going to be hardcoded string.

11:02.600 --> 11:07.100
Let's call this one as password reset email.

11:07.400 --> 11:09.890
And again, I would like to add the company name here.

11:09.890 --> 11:13.010
So we're going to say ae t store.

11:13.550 --> 11:16.580
Yeah, these two or t shirt, whatever you like to go ahead and add that.

11:16.580 --> 11:17.810
And the last is message.

11:17.810 --> 11:20.300
So we're going to go ahead and simply say that message.

11:20.600 --> 11:23.930
Again, you can say message, call a message or we can just use it like that.

11:23.960 --> 11:26.240
Okay, let's see one more time.

11:26.240 --> 11:35.570
So two, which is an email subject and message, hopefully it looks good and the things seems okay,

11:35.600 --> 11:36.920
things seems okay.

11:37.130 --> 11:44.090
Now all we got to do is send an email as a request body into this URL forgot password.

11:44.390 --> 11:46.520
Let's go ahead and set up a route for that.

11:47.000 --> 11:52.850
So we're going to go ahead and say, hey, now I have another route which is forgot password and let's

11:52.850 --> 11:54.890
see how we have designed it up here.

11:54.890 --> 11:56.780
It says Just the forgot password.

11:56.810 --> 11:57.560
Really nice.

11:58.130 --> 12:01.010
And we're going to go ahead and say this is.

12:02.020 --> 12:05.980
Forgot password and this is also being handled by forgot password.

12:05.980 --> 12:12.130
This obviously is a post route. Okay, so seems like all okay and all good.

12:12.130 --> 12:13.240
Let's go ahead and test it out.

12:13.240 --> 12:19.330
Whether things are working or not coming back up here, let's just say I forgot the password of two.

12:19.510 --> 12:25.720
So let's go ahead and save this one as save as this one is going to be forgot password.

12:26.080 --> 12:36.340
Save that this one is a post route and save that forgot password and we need to send something into

12:36.340 --> 12:36.940
the body.

12:36.940 --> 12:41.770
And this time we don't need to send the email, we just need to send the password again.

12:41.770 --> 12:42.920
No comma is required.

12:42.970 --> 12:46.300
Save that and let's go ahead and try to send this one.

12:46.300 --> 12:48.430
Are we sending any JSON response?

12:48.910 --> 12:51.430
Looks like we're not sending any JSON response.

12:51.430 --> 12:53.260
Let me just quickly send that.

12:53.980 --> 12:58.600
So we are sending the try in the email, but user has no idea whether the email got or not.

12:58.600 --> 13:05.620
So let's go ahead and say res dot status, which is going to be 200 and then chain on a JSON response.

13:05.620 --> 13:07.780
This might be looking very, very familiar to you now.

13:08.260 --> 13:17.560
And we're going to go ahead and say, hey, success was true and the message is going to be email

13:17.560 --> 13:22.840
send successfully.

13:24.310 --> 13:26.620
So these are all the messages that we got.

13:26.650 --> 13:28.300
Seems okay, seems good.

13:28.540 --> 13:35.680
Let's go ahead and send this one and it says, hey, error, the option is not defined.

13:35.680 --> 13:38.740
Let's go ahead and see where the option is not defined.

13:41.480 --> 13:48.590
So in line 121, after staring at it for a little while, I quickly realized that this is option and

13:48.590 --> 13:50.330
this is all going with the option.

13:50.330 --> 13:55.910
So it is better to just go ahead and say that this is now option should be all good now.

13:56.570 --> 13:59.630
Test number two, let's go ahead and try to send this email one more time.

14:00.080 --> 14:01.220
Send this one.

14:01.550 --> 14:04.760
And this time it's taking a little bit while to send the request.

14:05.420 --> 14:11.510
And the request says success true, email send successfully. Told you, database is always on another continent.

14:11.660 --> 14:16.850
Let's go ahead and see if we are receiving any of the mail into our Mailtrap.

14:17.450 --> 14:19.040
Let's go ahead and hit refresh.

14:20.270 --> 14:21.800
And there we go.

14:21.800 --> 14:22.720
Now we have five.

14:22.790 --> 14:22.970
Okay.

14:23.000 --> 14:24.650
Previously it was just four.

14:24.800 --> 14:25.370
Let's go ahead.

14:25.370 --> 14:26.810
And this is the new t shirt store.

14:26.810 --> 14:28.970
So this is how your emails are going to look.

14:28.970 --> 14:30.290
And this is the text we have.

14:30.290 --> 14:34.820
So http localhost, 4000 password reset and the token is there as well.

14:34.820 --> 14:37.460
So this token is valid only for 30 minutes.

14:37.460 --> 14:41.210
So obviously now we need to work on this password reset token.

14:41.210 --> 14:43.400
Now all we got to do here is really simple.

14:43.400 --> 14:46.100
Telling you in advance we will visit this URL.

14:46.100 --> 14:48.140
We'll grab the token from the URL.

14:48.140 --> 14:48.830
Yeah, you got it.

14:48.830 --> 14:49.970
Request dot params.

14:49.970 --> 14:55.670
I know you are absolutely pro now and once we have grabbed this token we have to match whether the token

14:55.670 --> 14:57.530
is matching with our database token.

14:57.530 --> 14:58.610
Really simple stuff.

14:58.610 --> 15:04.400
If they match and expiry is also good, then we will allow him to update the password and we'll

15:04.400 --> 15:09.260
take the password and the body will take just the password field either or we can take the password

15:09.260 --> 15:13.040
and confirm password whatever suits to you and whatever is your flow.

15:13.070 --> 15:15.200
Let's go ahead and catch up in the next video.
