"Forgotten Password" functionality for front-end users

I have a site with a front-end login system, using Kirby’s users system via Uniform (GitHub - mzur/kirby-uniform: A versatile Kirby plugin to handle web form actions.). All working great.

I now need to add a “Forgotten Password” process for the users, in case they forget their details. I know there is a panel-based system but I need to do this for users without panel access.

I am not sure where to start with this, would anyone be able to give any pointers for implementing this? Thanks in advance!


I think you can use the password reset form also for users without Panel access.

No that doesn’t work unfortunately.
The ideal flow I would be after would be a page for forgotten password, where the visitor enters their email address. This would then trigger an email with a URL in to the user to reset the password. At that URL would be a form for them to enter a new password for that account (still on my site front end).

I guess I need some sort of authentication in the URL that is sent… this is a bit beyond my experience but hopefully someone here has implemented something like it for a Kirby members site.

hello, did you find a solution? To be able to reset the front side password?

If you don’t want the user to put in a code as authentication before resetting the password you can do so via a URL and a specific template for the reset page.

for example you could have smth like this in your controller for the passwort reset page:

if ($kirby->request()->is('POST') && get('pwresetstart')){
  $authCode = md5(uniqid("", true).random_bytes(20));
  $confirmlink = $site->url()."/pw-reset/{$authCode}/";
    'template' => 'confirm',
    'slug' => $authCode,
    'draft' => false
  $body = "{$site->find('pw-reset')->mailbody()->value()}\n\n";
  // like this you could use %link as a variable within a textarea for example, and replace that part with the URL for the password reset
  $body = str_replace("%link", $confirmlink, $body);
    "to" => get('email'),
    "from" => "{$page->noreplymail()->value()}",
    "subject" => "{$page->pwresetsubject()->value()}",
    "body" => $body


Generally you could try and make use of controllers for this if the kirby-given password reset is insufficient for you.

@ErVal I will try what you suggest.

Do you have the template part?