Auth0 Home Blog Docs

Forgot Password - iOS Swift (Is this right way of doing it?)

//i’m doing callbacks, mostly just want to make sure there isn’t some simple SDK call I can make instead of directly hitting api like this.

Also are there any http status codes to verify if user doesn’t exist or something like that? Like 404?

func forgotPassword(email:String) {

    guard let values = plistValues(bundle: Bundle.main) else {
        return
    }
    
    let headers = ["content-type": "application/json"]
    let parameters = [
        "client_id": values.clientId,
        "email": email,
        "connection": "Username-Password-Authentication"
    ]
    
    guard let postData = try? JSONSerialization.data(withJSONObject: parameters, options: .prettyPrinted) else {
        self.forgotDelegate?.onForgotPasswordError(.errorParsing)
        return
    }
    
    let url = URL(string: "https://\(values.domain)/dbconnections/change_password")!
    var req = URLRequest(url: url)
    req.httpMethod = "POST"
    req.allHTTPHeaderFields = headers
    req.httpBody = postData
    
    URLSession.shared.dataTask(with: req) { [weak self] (data, response, error) in
        
        guard error == nil else {
            self?.forgotDelegate?.onForgotPasswordError(.networkError)
            return
        }
        
        guard let resp = response as? HTTPURLResponse
            , resp.statusCode >= 200 && resp.statusCode <= 399 else {
            self?.forgotDelegate?.onForgotPasswordError(.networkError)
            return
        }
        
        self?.forgotDelegate?.onForgotPasswordReset()
        
    }.resume()
}

Hey there @ilikeprivacy!

I believe there are two main approaches to that. One of them is indeed hitting the APIs and anither one is using our Lock library:

Hey there!

Have you had a chance to visit my last message?

Hi thank you very much Konrad. Yes.

Ended up hitting the SDK api call Auth0.authorization.forgotPassword… something like that. Btw is that the same call to “resend verification email”?

No. The resend verification email is for verification after signup. Here’s the community thread regarding this + the API endpoint but it’s not for forgot password case:

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.