Password Recovery in Clojure

Table of contents
Reading Time: 2 minutes

This Blog post will help you to add the password recovery functionalities in your clojure web application.

Firstly, create html file containing textbox for getting email address, on which a new passowrd will be sent.

Next, add this in your project.clj File

Now follow the given steps to add password recovery functionality:

Let’s define a forgot-password.clj namespace and import the following :

To get the random string we can use the following code:-

We also have to define the routes :-

The GET forgot-password route simply call the forgot-password function to render the page

Function to render the page using default luminus template:

The POST forgot-password route simply call the forgot-password-post function and pass the email as an argument

Define the forgot-password-post function in (testapp.routes.forgot-password.clj) . This function sends the password (a random string) to the given e-mail:

Note :- * This code may contain some validation which is applicable on email.                        Like:email-error (vali/on-error :email first)

Define “get-email”, “update-user-password” in namesapce “db” to get the email addressand to update the user password respectively.

encrypt” from “noir.util.crypt” is used to encrypt the password.

2 thoughts on “Password Recovery in Clojure2 min read

  1. Maybe I’m missing something obvious here but …. how does this step me from resetting your password against your will, as long as I have your email address?

    If /forgot-password is not authenticated, anyone can call it.

    Is this not why the workflow everywhere is not for the server to send the user a new password, but to send them a confirmation link, in order to confirm that the person controlling the email inbox actually wants the password reset?

Comments are closed.