Wordpress plugins
Password Reset with Code for WordPress REST API

Password Reset with Code for WordPress REST API

Version : 0.0.16
Tested up to : 6.3.1
Number of download : 7
Average rating : 5 / 5 on 7 votes 7 votes, 5 avg.rating

Screenshots

Password Reset with Code for WordPress REST API
Password Reset with Code for WordPress REST API
Password Reset with Code for WordPress REST API
Password Reset with Code for WordPress REST API

A simple plugin that adds a password reset facility to the WordPress REST API using a code. The process is a two step process: User requests a password reset. A code is emailed to their registered email address The user enters the code when setting a new password, which is only set if the code is valid and has not expired It is also possible to check the validity of a code without resetting the password which enables the possibility of setting the password by other means, or having a two stage process for checking the code and resetting the password if desired. Default settings are to use an 8 digit code consisting of numbers, upper and lower case letters and special characters, which has a life span of 15 minutes, afterwhich a new code would need to be requested. By default a user can attempt to use or validate a code up to 3 times before automatically invalidating it. Endpoints The plugin adds two new endpoints to the REST API: Endpoint: /wp-json/bdpwr/v1/reset-password — HTTP Verb: POST — Parameters (all required): — email /wp-json/bdpwr/v1/set-password — HTTP Verb: POST — Parameters (all required): — email — password — code /wp-json/bdpwr/v1/validate-code — HTTP Verb: POST — Parameters (all required): — email — code Example Requests (jQuery) Reset Password $.ajax({ url: '/wp-json/bdpwr/v1/reset-password', method: 'POST', data: { email: 'example@example.com', }, success: function( response ) { console.log( response ); }, error: function( response ) { console.log( response ); }, }); Set New Password $.ajax({ url: '/wp-json/bdpwr/v1/set-password', method: 'POST', data: { email: 'example@example.com', code: '1234', password: 'Pa$$word1', }, success: function( response ) { console.log( response ); }, error: function( response ) { console.log( response ); }, }); Validate Code $.ajax({ url: '/wp-json/bdpwr/v1/validate-code', method: 'POST', data: { email: 'example@example.com', code: '1234', }, success: function( response ) { console.log( response ); }, error: function( response ) { console.log( response ); }, }); Example Success Responses (JSON) Reset Password { "data": { "status": 200 }, "message": "A password reset email has been sent to your email address." } Set New Password { "data": { "status": 200 }, "message": "Password reset successfully." } Validate Code { "data": { "status": 200 }, "message": "The code supplied is valid." } Example Error Responses (JSON) Reset Password { "code": "bad_email", "message": "No user found with this email address.", "data": { "status": 500 } } Set New Password { "code": "bad_request", "message": "You must request a password reset code before you try to set a new password.", "data": { "status": 500 } } Validate Code { "code": "bad_request", "message": "The reset code provided is not valid.", "data": { "status": 500 } } Filters A number of WordPress filters have been added to help customise the process, please feel free to request additional filters or submit a pull request with any that you required. Filter the length of the code add_filter( 'bdpwr_code_length' , function( $length ) { return 4; }, 10 , 1 ); Filter Expiration Time add_filter( 'bdpwr_code_expiration_seconds' , function( $seconds ) { return 900; }, 10 , 1 ); Filter the date format used by the plugin to display expiration times add_filter( 'bdpwd_date_format' , function( $format ) { return 'H:i'; }, 10 , 1 ); Filter the reset email subject add_filter( 'bdpwr_code_email_subject' , function( $subject ) { return 'Password Reset'; }, 10 , 1 ); Filter the email content add_filter( 'bdpwr_code_email_text' , function( $text , $email , $code , $expiry ) { return $text; }, 10 , 4 ); Filter maximum attempts allowed to use a reset code, default is 3, -1 for unlimmited add_filter( 'bdpwr_max_attempts' , function( $attempts ) { return 3; }, 10 , 4 ); Filter whether to include upper and lowercase letters in the code as well as numbers, default is false add_filter( 'bdpwr_include_letters' , function( $include ) { return false; }, 10 , 4 ); Filter the characters to be used when generating a code, you can use any string you want, default is 0123456789 add_filter( 'bdpwr_selection_string' , function( $string ) { return '0123456789'; }, 10 , 4 ); Filter the WP roles allowed to reset their password with this plugin, default is any, example below shows removing administrators add_filter( 'bdpwr_allowed_roles' , function( $roles ) { $key = array_search( 'administrator' , $roles ); if( $key !== false ) { unset( $roles[ $key ] ); } return $roles; }, 10 , 1 ); Filter to add custom namespace for REST API add_filter( 'bdpwr_route_namespace' , function( $route_namespace ) { return 'xyz/v1'; }, 10 , 1 ); Credits Plugin icon / banner image by Sincerely Media

Download now