How to create magic links quickly and effortlessly with NodeJS

Purpose

You can use magic or temporary links to:

  • reset a user’s password
  • one time access to a website or application such as slack or medium
  • actually login into an application without the need of manually inputting your username and password
  • offer discounts in eCommerce systems

Why am I implementing?

At work, as we are using an in house framework, one such user requirement is to implement Magic links. The use case scenario is as follows:

How to built the dynamic route?

For the backend, I am using ExpressJS and for the front, VueJS. I first make sure that I have an outside page or route for example — /reset-user-password — that is separate from the login. Each page checks if the VueX Store contains the user token based on Token Based Authentication (instead of cookies). If not, they are redirected to the login page.

Ways to implement

There are two ways to implement the reset password magic link encoding and decoding feature:

Persistent

You can use additional columns in your User table to add for example, link_reset_password_temporary (string) and link_reset_password_expire (datetime).

Non Persistent

In my project, I am already JSON Web Tokens (JWT) for Token Based Authentication. So when Bob clicks on send password, I use JWT to send an encryption of the id of the user whose password is going to be changed. I also use the built in expiresIn property.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Abdallah Yashir

Abdallah Yashir

Senior Software Developer, Writer, Amateur Photographer, Reader