| description |
|---|
Authenticate via Email and Password. |
Moralis allows you to authenticate your users using email and passwords. These profile details can be later linked with web3 wallets.
It's also possible to authenticate without a wallet via username and password. This makes use of the built-in Moralis.User class.
This class extends Moralis.Object with some extra attributes:
username: the username for the user (required)password: the password for the user (required on signup)email: the email address for the user (optional)
{% hint style="success" %}
Use **Moralis.User.signUp(username, password)**to create a new user
{% endhint %}
{% tabs %} {% tab title="JS" %}
const user = new Moralis.User();
user.set("username", "my name");
user.set("password", "my pass");
user.set("email", "[email protected]");
// other fields can be set just like with Moralis.Object
user.set("phone", "415-392-0202");
try {
await user.signUp();
// Hooray! Let them use the app now.
} catch (error) {
// Show the error message somewhere and let the user try again.
alert("Error: " + error.code + " " + error.message);
}{% endtab %}
{% tab title="React" %}
import { React } from "react";
import { useMoralis } from "react-moralis";
const { Moralis, isInitialized, ...rest } = useMoralis();
const emailUser = async () => {
const user = new Moralis.User();
user.set("username", "my name");
user.set("password", "my pass");
user.set("email", "[email protected]");
// other fields can be set just like with Moralis.Object
user.set("phone", "415-392-0202");
try {
await user.signUp();
// Hooray! Let them use the app now.
} catch (error) {
// Show the error message somewhere and let the user try again.
alert("Error: " + error.code + " " + error.message);
}
}{% endtab %} {% endtabs %}
{% hint style="info" %}
Note that we used thesignUpmethod, not thesavemethod. New Moralis.User's created with a username should always be created using thesignUpmethod. Subsequent updates to a user can be done by callingsave
{% endhint %}
This call will asynchronously create a new user in your Moralis Database. Before it does this, it also
- Checks to make sure that both the username and email are unique.
- It securely hashes the password in the cloud using
bcrypt.
{% hint style="warning" %} We never store passwords in plaintext, nor will we ever transmit passwords back to the client in plaintext. {% endhint %}
If a signup isn’t successful, you should read the error object that is returned however, in most cases, this happens because the username or email is already being used by another user. You should clearly communicate this to your users, and ask them to try a different username.
You are free to use an email address as the username and if so, simply ask your users to enter their email into the username property — Moralis.User will work as normal. We’ll go over how this is handled in the reset password section.
After signing up, you can allow users to login through the **logIn**method
const user = await Moralis.User.logIn("myname", "mypass");
// Do stuff after successful login.By default, the SDK uses the GET HTTP method. If you would like to override this and use a POST HTTP method instead, you may pass an optional boolean property in the options argument with the key usePost.
const user = await Moralis.User.logIn("myname", "mypass", { usePost: true });
// Do stuff after successful login.{% hint style="info" %} To use this feature, first Setup Email Service {% endhint %}
Enabling email verification in an application’s settings allows the application to reserve part of its experience for users with confirmed email addresses.
Email verification adds the emailVerified key to the Moralis.User object. When a Moralis.User’s email is set or modified, emailVerified is set to false. Moralisthen emails the user a link which will set emailVerified to true.
There are three emailVerified states to consider:
true- The user confirmed his or her email address by clicking on the link Moralis emailed them.Moralis.Userscan never have atruevalue when the user account is first created.false- The user did not confirm his/her email address by clicking the link Moralis emailed them. IfemailVerifiedisfalse, consider callingfetchon theMoralis.User.undefined (missing)- ThisMoralis.Userwas created when email verification was not set up orMoralis.Userdoes not have an email when signing up.
{% hint style="info" %} To use this feature, first Setup Email Service {% endhint %}
As you introduce passwords into a system, users will forget them. In such cases, our library provides a way to let them securely reset their password by sending an email with a reset link.
To kick off the password reset flow, ask the user for their email address, and call:
Moralis.User.requestPasswordReset("[email protected]")
.then(() => {
// Password reset request was sent successfully
})
.catch((error) => {
// Show the error message somewhere
alert("Error: " + error.code + " " + error.message);
});This will attempt to match the given email with the user’s email or username field, and will send them a password reset email. By doing this, you can opt to have users use their email as their username, or you can collect it separately and store it in the email field.
The flow for password reset is as follows:
- User requests that their password be reset by typing in their email.
- Moralis sends an email to their address, with a special password reset link.
- User clicks on the reset link and is directed to a special Moralis page that will allow them to type in a new password.
- User types in a new password. Their password has now been reset to a value they specify.
{% hint style="info" %} Note that the messaging in this flow will reference your app by the name that you specified when you created this app on Moralis. {% endhint %}
You can connect your Moralis app with Sendgrid email service in order to send verification emails. The video below shows how to:
- Setting up email service (Sendgrid) with Moralis
- Signing up users with username and password
- Sending custom welcome emails upon creating new profiles
- Verifying emails for users
- Reset passwords for signed-up users
{% embed url="https://www.youtube.com/watch?v=PByFsb6t4Vo&ab_channel=MoralisWeb3" %} Moralis User Email Verification using Sendrid {% endembed %}