Skip to main content
Modelence provides a secure password reset flow with email tokens.

Configuration

Configure password reset emails in your server setup: 
import { startApp } from 'modelence/server';
import resendProvider from '@modelence/resend';

startApp({
  email: {
    provider: resendProvider,
    from: 'noreply@yourdomain.com',
    passwordReset: {
      subject: 'Reset your password',
      redirectUrl: 'https://yourdomain.com/reset-password',
    },
  },
});

How It Works

  1. User requests a password reset by providing their email
  2. A secure reset token is generated and stored in the database
  3. An email with a reset link is sent to the user
  4. The link redirects to your app with the token as a query parameter
  5. User enters their new password along with the token
  6. Password is updated and token is invalidated
  7. If the user’s email was not yet verified, it is automatically marked as verified
Since the user must receive the reset email to complete the flow, a successful password reset proves ownership of the email address.

Client Implementation

Request Password Reset

import { sendResetPasswordToken } from 'modelence/client';

async function handleForgotPassword(email: string) {
  try {
    await sendResetPasswordToken({ email });
    console.log('Password reset email sent');
  } catch (error) {
    console.error('Error:', error.message);
  }
}

Reset Password with Token

import { resetPassword } from 'modelence/client';

async function handleResetPassword(token: string, newPassword: string) {
  try {
    await resetPassword({ token, password: newPassword });
    console.log('Password reset successful');
  } catch (error) {
    console.error('Reset failed:', error.message);
  }
}

Custom Reset Email Template

startApp({
  email: {
    provider: resendProvider,
    from: 'noreply@yourdomain.com',
    passwordReset: {
      subject: 'Reset Your Password',
      template: ({ name, email, resetUrl }) => `
        <html>
          <body>
            <h1>Password Reset Request</h1>
            <p>Hi ${name || 'there'},</p>
            <p>We received a request to reset your password. Click the button below to proceed:</p>
            <a href="${resetUrl}"
               style="background-color: #5509D9; color: white; padding: 12px 24px; text-decoration: none; border-radius: 6px; display: inline-block;">
              Reset Password
            </a>
            <p>If you didn't request this, you can safely ignore this email.</p>
            <p>This link will expire in 1 hour.</p>
          </body>
        </html>
      `,
      redirectUrl: 'https://yourdomain.com/reset-password',
    },
  },
});