In previous tutorials we have learned about created a basic Login Registration system. But it lacks a feature, reset password by email. We will add some additional code to previous one to add this feature. We need to modify code both in Server and Client.
-> Use PHPMailer for sending smtp mail from localhost.
-> Added methods for sending mail using PHPMailer or using default php mail() function.
-> Reset password verification code expires in 120 seconds, which can also be changed.
We have created a separate table for password reset request. If the user initiates password reset request, a unique key is generated and stored in the new table with time stamp which is then sent to the client by email. The client sends the verification key along with new password to the server. If the verification code is correct and the time elapsed is less than 120 seconds the password is changed. If the time exceeds 120 seconds the user must re initiate password reset request.
Now let us see what changes to be made in Server and Client.