Signup, Login, Password reset

The keys to your castle

The openBuild framework comes with a reusable that handles Sign up, Log in, Reset passwords and much more.

The resauble is used on the login page and reset_pw page in the framework.

Signup

Sign up with email workflows and UI for social logins.

Signup section

Workflows connected to Signup section are in the 'Signup' folder.

By default, the new user has to accept the Terms and Conditions and Privacy policy to be able to signup. That's why we use the conditionals logic on the button and pre-built workflows for changing the state.

Only when the T&C is accepted, the workflow runs

Signup workflow triggers a SIGN-UP custom event, that depending on your app settings will trigger a confirmation email sequence or not. Read about it in this section.

Login

Login section

Two main events connected to the login section are:

a) 'Log the user in' action - that gets triggered directly on the button click. It is placed there to enable the user to submit the login when hitting 'enter',

b) 'LOG IN' custom event - by default, only the redirect action is placed in this custom event, but this is the Workflow where additional actions should be placed. The same custom event is used for 3rd party signup/login.

Actions run when btn.login is clicked
'LOG IN' Custom event

Forgot password

In the reusable, there is a dedicated section with workflows connected to password reset.

Forgot password section

When a user inputs their email we send it to a custom event called '📧 SEND RESET PASSWORD EMAIL'

In the custom event there are 3 actions:

a) Send password reset email - native Bubble action to generate reset password token

b) Send Email - Reset Password Link - a standard email with information about how to reset your password and dedicated link

c) Send Email - Activation Link - from the admin panel you are able to send user invites to the new users. The email content of that invite is different than a standard Reset Password email.

📧 SEND RESET PASSWORD EMAIL

Section visible after successful submission of the 'Forgot password?' form.

Check your email section

After clicking the link in the email user will be redirected to the Reset password section.

Reset password section

Password strength checker

Want a password strength bar or checkbox details?

In the framework, you will find two versions of the password strength checker i.e progress bar or displaying password details. Both of them work independently so you can choose one that matches your app, or you can keep using both.

Login with magic link section

Same as with the Reset Password workflows, there is a dedicated Custom event to handle the actions connected to sending the user magic link via email.

Creating the magic link
Sending the link via email

Invalid password token

Currently, the reset password activation token is only active for 24 hours from the creation date. This time window is definitely restrictive so we handle invalid tokens via a better User Experience.

In openBuild we take advantage of the error-handling feature that allows us to trigger an action whenever the User tries to use an expired token.

By default whenever a user requests a reset password token via the User Access Management reusable we create a link that contains his email in the URL. If you did send your user a reset password email without the email parameter, the pre-built workflow logic will also handle that user.

Catching the Invalid token error
If the is not email parameter this section will be visible
If the is an email in the URL parameter it will automatically send the a new reset password / activation email

Email validation workflows

openBuild template comes with pre-build validation workflows. To enable them set the verifyEmail attribute in 🔒 System option set to 'yes'.

If you enabled the email verification workflows, after the Signup we trigger CONFIRM-EMAIL custom event.

Sending confirmation email
Redirecting to verify page

In the verify page you find two sections.

Additionally in the 🔐 SECURITY REDIRECT you find a disabled workflow that needs enabling if you want to block access to the app for every user who does not have his/her email verified.

User Access Management in a popup

Last updated