Chapter 6: Central User Management System 195 (Web design templates) Login
[Figure 6-5: A user recovering from the forgotten password state. Diagram labels (steps numbered 1 through 7): Login App; Forgotten Password App; Authentication Request with Wrong Password; Authentication Request Failed; Request to Recover from "Forgotten Password"; Email with Link to Change Forgotten Password; Enter New Password; Password Changed.]

In the following section, I discuss how to design, develop, and test a forgotten-password application that works with our central authentication framework.

Designing the forgotten-password recovery application

We know what we want the application to do, so now we need a flow diagram of the application, as shown in Figure 6-6. As the flowchart indicates, when the application starts (Step 1), it gets an e-mail address from the user. If the e-mail address belongs to an existing user, the application sends an e-mail to the user with a URL that has embedded information to allow the user to call the same application. The embedded URL in the e-mail has step=2 set so that the application can determine which step is next.

In Step 2 mode, the application verifies that the information supplied with the URL is valid and came from the e-mail sent earlier. It then allows the user to enter a new password. If the new password is acceptable (that is, it meets the minimum password size requirement), it is encrypted and stored in the database.

Now let's look at how you can implement this flow diagram as an application.
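One way to make the Step 2 check ("valid and came from the e-mail sent earlier") concrete, as an added example that is not the book's own code. It assumes the embedded information is an HMAC-SHA256 signature over the e-mail address and an expiry time; apart from step=2, every name and value here (the secret key, the parameter names, the URL, the one-hour lifetime, the minimum size of 8) is a constructed assumption.

```python
import hashlib
import hmac
import time
from urllib.parse import parse_qs, urlencode, urlparse

SECRET_KEY = b"constructed-demo-key"  # assumption: server-side secret, never mailed out
LINK_LIFETIME = 3600                  # assumption: link is valid for one hour
MIN_PASSWORD_SIZE = 8                 # assumption: the text gives no concrete minimum
BASE_URL = "https://auth.example.test/forgotten_pwd"  # placeholder URL


def _sign(email, expires):
    # Bind the signature to both the account and the expiry time.
    msg = f"{email}|{expires}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


def build_reset_url(email, now=None):
    """Step 1: build the URL that is mailed to an existing user."""
    expires = int(time.time() if now is None else now) + LINK_LIFETIME
    query = urlencode({"step": 2, "email": email, "expires": expires,
                       "sig": _sign(email, expires)})
    return f"{BASE_URL}?{query}"


def verify_reset_url(url, now=None):
    """Step 2: return the e-mail address if the link is authentic and fresh, else None."""
    params = {k: v[0] for k, v in parse_qs(urlparse(url).query).items()}
    try:
        if params["step"] != "2":
            return None
        email, expires, supplied = params["email"], int(params["expires"]), params["sig"]
    except (KeyError, ValueError):
        return None  # a required field is missing or malformed
    # Constant-time comparison, so the check does not leak how many characters matched.
    if not hmac.compare_digest(_sign(email, expires).encode(), supplied.encode()):
        return None  # tampered with, or not issued by this server
    if (time.time() if now is None else now) > expires:
        return None  # stale link
    return email


def password_acceptable(new_password):
    # The minimum password size requirement from the flow description.
    return len(new_password) >= MIN_PASSWORD_SIZE


if __name__ == "__main__":
    link = build_reset_url("user@example.test")
    print(link, verify_reset_url(link), sep="\n")
```

The signed link in this sketch stays usable until it expires; making it single-use would need server-side state, which is not shown.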