I’m currently working on developing a password recovery flow for my site using the Netlify identity service. (https://dev.getcampr.com)
I’m able to use the “Send reset password email” in the Netlify Identity dashboard to trigger a reset as expected. But after using the “Send reset password email” button once, the button no longer sends a password reset email.
Is there an intentional limit on password resets per time period?
Any guidance or information would be helpful here!
Yep, they do always come in a single chain. My current workflow is to delete the user from Netlify Identity, registering a new user, then doing a password recovery. They always show up in the chain of the original recovery email. After the first reset, the emails no longer come through until I delete the user and create a new one.
Yikes, yeah my current workflow is broken, since the email doesn’t even prompt change password. So looks like password recovery issues around the boat.
For context, Netlify Identity is powered by gotrue. That said, by default, there is a 15 minute default timeout between password reset emails, as shown here: gotrue/README.md at master · netlify/gotrue · GitHub. Note that this is not something that can be changed on a site’s Identity instance. As such, you would probably have to introduce a 15 minute wait between password resets to avoid running into that limit.
Nice link! In all the work I’ve done recently to build react-netlify-identity-gotrue I’ve made (and destroyed) hundreds of users and sent so many emails, but always to different addresses. This is good to know! Thanks Dennis!
We’d want to rule that out first.