beacon icon indicating copy to clipboard operation
beacon copied to clipboard
verified publisher icon CCExtractor

Forgot Password and request another OTP functionalities need to be implemented

Open c-o-d-e-y-o-d-a opened this issue 11 months ago β€’ 3 comments

Is your feature request related to a problem? Please describe. In the current version of the application there is no way to reset your password in case you forget it and there is not way to request another OTP either. Describe the solution you'd like Implement both the functionalities for a better User experience as these have become the industry standard.

Are you working on this? (Yes/No) No

c-o-d-e-y-o-d-a avatar Apr 05 '25 23:04 c-o-d-e-y-o-d-a

is this project still active ?

harikrishnatp avatar May 15 '25 18:05 harikrishnatp

@harikrishnatp Yes, the project is currently under active development, and contributions are welcome!

himanshugoyal77 avatar Jun 23 '25 08:06 himanshugoyal77

Hi @himanshugoyal77 πŸ‘‹,

I’d like to propose implementing the Forgot Password + Email OTP Reset feature. There are two possible approaches we can consider: πŸ”Ή Approach 1: Firebase-Only (Built-in Reset Flow) Flow: Use sendPasswordResetEmail() from Firebase Auth. Firebase automatically emails the user a secure reset link. User resets their password directly via Firebase’s hosted flow. Pros: Simple, ready-to-use, highly secure. Zero extra infrastructure needed. Free for unlimited password reset emails. Cons: Link-based reset (not OTP). Cost: Free for small, medium, and large apps.

πŸ”Ή Approach 2: AWS Serverless (Custom Email OTP Reset) Flow: User requests password reset β†’ AWS Lambda generates OTP. OTP stored in DynamoDB with 5 min expiry. OTP sent via Amazon SES email. User enters OTP + new password. Lambda verifies OTP β†’ updates password via Firebase Admin SDK. Pros: Fully customizable OTP flow. Cheap, scalable, and serverless. Email OTP is familiar UX for users. Cons: Slightly more setup (Lambda, SES, DynamoDB). Responsibility for OTP security/expiry handling. Cost: AWS SES β†’ 62,000 emails/month free, then $0.10 per 1,000 emails. AWS Lambda + DynamoDB β†’ free tier covers most apps. Example:- Small app (<10k OTP/month) β†’ Free. Medium app (30k OTP/month) β†’ ~$3/month. Large app (100k OTP/month) β†’ ~$10/month. βœ… Both approaches are secure and affordable.

If we want fastest implementation β†’ Firebase-only is best. If we want custom OTP experience β†’ AWS serverless flow is ideal.

Could you please assign this issue to me? I’d love to implement the solution πŸš€

Thanks!

Ash469 avatar Aug 21 '25 09:08 Ash469