Reset password in MongoRealm

Hi,
I’m in the process of migrating to Realm 10.0.
I used to have realm functionality for reseting password. That looks to be gone. I now need to implement something myself, maybe handle the reset in an app deep link. Is that correct?

Hi @donut, is this for iOS or Android?

I also have the same problem here.

iOS. Simply put I cannot enable Email/Passowrd authentication provider without providing a password reset URL. Which unless I am misunderstanding means I have to handle the reset myself.

Hi @donut & @Panashe_Makomo,

in the Realm UI, you can select to use a Realm function for password resets rather than an email + reset URL:

If you opt to create a new reset function, the template includes comments with the required boilerplate code – which you can use or build upon.

You can invoke the reset function from the mobile iOS app by calling callResetPasswordFunction (https://docs.mongodb.com/realm-sdks/swift/latest/Extensions/EmailPasswordAuth.html#/s:So20RLMEmailPasswordAuthC10RealmSwiftE09callResetB8Function5email8password4args7Combine6FutureCyyts5Error_pGSS_SSSayAC7AnyBSONOGtF)

I see this option, but I don’t understand. Without an email sent, how does one reset his own password?

I think the function will be invoked from the client sdk, wehn you run the client sdk code. However i also have the same issue that the functions are not working. I am using Android btw.

Your app (e.g. through a web page) is responsible for deciding whether or not the user requesting the reset is really who they claim to be – the assumption being that the user may have lost their password.

The simplest option to implement is to have Realm send the confirmation email - in which case, you have to provide the target web page where the user can be reset (or for a mobile app, you can provide a deep/universal link so that it’s your app that does the reset.)

If you don’t want the automated email then you can provide a Realm function instead which can handle the confirmation howere you like. The function will indicate the result as either:

  • failed
  • pending - (the user has (in a way that you decide) notified of the reset request). The app can then execute the password reset once the user has confirmed
  • success - the Realm function has changed the password (e.g. the app could have provided a reset code when calling the function that this function checks against the database before changing the password).

The docs have more details: https://docs.mongodb.com/realm/authentication/email-password/#run-a-password-reset-function

1 Like