Loopback: PasswordRequest reset event not fired after reset
I am trying to use the password reset process on Loopback, so I can send an email with instructions to the user. I've created a custom model called "user" that extends "User". Then I added "User.on (" resetPasswordRequest "..." but it never gets executed. Please check console.log on user.js
model-config.json
{
...
"user": {
"dataSource": "mysqlDs",
"public": true,
"options": {
"emailVerificationRequired": false
}
},
...
}
user.json
{
"name": "user",
"base": "User",
"idInjection": true,
"properties": {},
"validations": [],
"relations": {},
"acls": [
{
"principalType": "ROLE",
"principalId": "$everyone",
"accessType": "READ",
"permission": "ALLOW"
}
],
"methods": []
}
user.js
module.exports = function(User) {
console.log('It prints this log here.');
User.on('resetPasswordRequest', function(info) {
console.log('But it does not print this log here ever.');
var url = 'http://www.example.com/reset-password';
var html = 'Click <a href="' + url + '?access_token=' + info.accessToken.id + '">here</a>';
loopback.Email.send({
to: info.email,
from: 'mail@example.com',
subject: 'My Subject',
html: html
}, function() {
console.log('> sending password reset email to:', info.email);
if (err) return console.log('> error sending password reset email');
});
});
};
source to share
Ok, so @IvanSschwarz was right. Thank you very much! My original code was correct, but there was no change in model-config.json. For some reason I needed to hide the User model. So I also took this opportunity and changed my model name from "user" to "member" to follow the lines of the manual for effective loop validation.
...
"User": {
"dataSource": "mysqlDs",
"public": false
},
"member": {
"dataSource": "mysqlDs",
"public": true,
"options": {
"emailVerificationRequired": true
}
},
....
I believe other suggestions might work as well, but I wanted to extend the User model via JSON and also use the built-in Reset Password remote access method from the Users model. So thank you guys!
source to share
Don't you just miss the definition of a remote method to call your code? This is what I would do:
user.js
module.exports = function(User) {
console.log('It prints this log here.');
User.resetPasswordRequest = function (info, cb) {
console.log('But it does not print this log here ever.');
var url = 'http://www.example.com/reset-password';
var html = 'Click <a href="' + url + '?access_token=' + info.accessToken + '">here</a>';
loopback.Email.send({
to: info.email,
from: 'mail@example.com',
subject: 'My Subject',
html: html
}, function() {
console.log('> sending password reset email to:', info.email);
if (err) {
cb(err, false);
return console.log('> error sending password reset email');
}
cb(err, true):
});
});
User.remoteMethod('resetPasswordRequest', {
description: 'Send a mail to an User to permit him to reset his password',
accepts: {arg: 'info', type: 'object', required: true},
returns: {arg: 'mailSend', type: 'boolean'},
http: {verb: 'post'}
});
};
Then using explorer or calling API via REST when submitting your json information:
{
accessToken: xxx,
email: xxx
}
And don't forget to update the ACL in user.json so you can call the method from remote:
{
"name": "user",
"base": "User",
"idInjection": true,
"properties": {},
"validations": [],
"relations": {},
"acls": [
{
"accessType": "*",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "DENY"
},
{
"accessType": "READ",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW"
},
{
"accessType": "WRITE",
"principalType": "ROLE",
"principalId": "$authenticated",
"permission": "ALLOW"
},
{
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW",
"property": "resetPasswordRequest"
}
],
"methods": []
}
source to share
The solution is explained here: http://loopback.io/doc/en/lb3/Extending-built-in-models.html#setting-up-a-custom-model
So, you will need:
User.setup = function() {
var User = this;
// since setup is called for every extended model
// the extended model will also have the event listener
User.on('resetPasswordRequest', function() {
///Do your stuff here
});
}
source to share