Password change with realm

Hi everybody,

I am trying to figure out how to do a simple password change, which I thought should be a pretty basic task. However, I can’t find any documentation (imho realm really lacks useful docu) on how to do this. Custom function was the way to go I thought as I needed a custom mail for the password reset anyway. Inside the function I have username, password and the token stuff, which should be everything I need but I can’t find any source on how to call the required password change/reset function from within the custom function.
I hope you can help me out.

Best regards and stay healthy!

Hey Daniel - you should be able to call the reset password function with password as the parameter. By returning either “pending” or “success” as return string, the password will automatically be reset to the string passed in the password parameter of callResetPasswordFunction.

But the questions for me is, how do I call the password reset function within a custom function in Realm?
The use case I want to implement is: Customer enters old password as well as new password in the web application, then everything needed is send to the backend and probably validated there as well and then the new password is set for the user. Basic password change.

Daniel - there is no way to call a password reset function within a custom function in Realm. You must call the password reset function directly, like so:

await app.emailPasswordAuth.callResetPasswordFunction(email, password, args); if the call to this function returns “success” or “pending”, the password will reset automatically based on the value you passed in.

We don’t currently have a way to verify a user’s old password within this function but it is something we are looking into doing in the near term.

1 Like

Thanks for your reply.
Now I understand and returning success seems to work for password change!
However, now I am unsure about “pending”, because that’s what we return in case we send an email for a password reset, are you sure that this also sets the password?

Hey Daniel - you’re right, that’s my mistake. You have to then call resetPassword from the SDK with the token and tokenId

like so - await app.emailPasswordAuth.resetPassword(token, tokenId, "newPassw0rd");

You can find the more detail about resetPassword here - https://docs.mongodb.com/realm/web/manage-email-password-users#complete-a-password-reset

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.