airajena opened a new pull request, #5369:
URL: https://github.com/apache/fineract/pull/5369

   ## Description
   Implemented the "Forgot Password" functionality to allow users to reset their forgotten passwords via email. This feature introduces a new public API endpoint that verifies the user's email, generates a temporary password, and emails it to them.
   
   ## Changes
   - **New API Endpoint:** Added `POST /api/v1/password/forgot` which accepts an email address in the request body.
       - Updated `SecurityConfig` to permit unauthenticated access to this endpoint.
   - **Database Schema:** Added `temporary_password_expiry_time` column to the `m_appuser` table (via Liquibase migration `0209_add_forgot_password.xml`).
   - **Domain Logic:**
       - Updated `AppUser` entity to handle temporary password expiry.
       - Added `AppUserRepository.findActiveUserByEmail` to look up users.
   - **Service Layer:**
       - Created `ForgotPasswordService` and its implementation `ForgotPasswordServiceImpl`.
       - Logic handles finding the user, generating a 13-character random password, encrypting it, setting the expiry time (24 hours), and triggering the email.
   - **Email Service Improvements:** Updated `GmailBackedPlatformEmailService` to make strict SSL/TLS settings conditional. This allows the service to support standard SMTP servers (like Mailhog) for easier local testing and development, while still enforcing strict security when connecting to Gmail.
   
   ## Checklist
   Please confirm these details:
   - [x] Catch up with `develop` branch
   - [x] Format the code (`./gradlew spotlessApply`)
   - [ ] Staging/Production Smoke Tests
   
   ## Testing
   - Tested locally using Docker Compose and Mailhog.
   - Verified the API returns `200 OK` on success.
   - Verified database updates (temp password expiry time set).
   - Verified email usage logic.
   - Verified transaction rollback if email sending fails.
   


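The temporary-password lifecycle listed under the Service Layer item (13 random characters, stored only in protected form, valid for 24 hours), shown as an added example that is not code from the pull request or from Fineract. The class and method names, the alphabet, and the PBKDF2 hashing (a stand-in for whatever password encoder the project uses) are assumptions.

```java
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.time.Duration;
import java.time.Instant;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

// Added illustration, not Fineract code: every name in this class is hypothetical.
public class TemporaryPasswordDemo {
    // Assumed alphabet; look-alike characters (I, O, l, 0, 1) are left out.
    private static final String ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789";
    private static final int LENGTH = 13;                           // length stated in the PR
    private static final Duration LIFETIME = Duration.ofHours(24);  // expiry stated in the PR
    private static final SecureRandom RNG = new SecureRandom();     // CSPRNG, never java.util.Random

    record TempCredential(byte[] salt, byte[] hash, Instant expiresAt) {}

    static String generate() {
        StringBuilder sb = new StringBuilder(LENGTH);
        for (int i = 0; i < LENGTH; i++) {
            sb.append(ALPHABET.charAt(RNG.nextInt(ALPHABET.length()))); // nextInt(bound) is unbiased
        }
        return sb.toString();
    }

    static byte[] hash(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, 210_000, 256);
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
    }

    // Only the salt, the hash and the expiry are persisted; the plaintext exists only in the email.
    static TempCredential issue(String plaintext, Instant now) throws Exception {
        byte[] salt = new byte[16];
        RNG.nextBytes(salt);
        return new TempCredential(salt, hash(plaintext.toCharArray(), salt), now.plus(LIFETIME));
    }

    // The hash is always computed and compared in constant time; expiry is enforced on every attempt.
    static boolean verify(TempCredential c, String attempt, Instant now) throws Exception {
        boolean match = MessageDigest.isEqual(c.hash(), hash(attempt.toCharArray(), c.salt()));
        return match && now.isBefore(c.expiresAt());
    }

    public static void main(String[] args) throws Exception {
        Instant issued = Instant.parse("2025-01-01T00:00:00Z");     // constructed timestamp
        String temp = generate();
        TempCredential stored = issue(temp, issued);
        System.out.println(verify(stored, temp, issued.plus(Duration.ofHours(23))));     // inside the window
        System.out.println(verify(stored, temp, issued.plus(Duration.ofHours(25))));     // after expiry
        System.out.println(verify(stored, "wrong-guess-1", issued.plus(Duration.ofHours(1)))); // wrong value
    }
}
```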