[Resolved] Problem in Password reset form

[Author]

Posts

[Ankit Katailiha]

Hi Team,

I have created a Toolset password reset form. In which user will reset the password of their account after the registration and after when admin send the password reset link.
The problem I am facing is that when user try to set the password second time from the same link, the form should display a error like "The key is expired" or "You cannot reset the password from the same link again".
Currently the form redirected to the error page when key is invalid or if have any errors in form but I need to stay in same page if there is any error while displaying the error.
Form should not be submit if the key is invalid or password is not matching.

Could you please help me to achieve the above functionality?

[Christian Cox]

Hello, you can set up the Reset Password feature so that it redirects to the current page upon failure or error, but there is currently no built-in feature that will prevent the form submission when an invalid key is detected. See in our documentation, you should be able to leave "Redirect to this URL on failure" field blank to redirect to the current page instead of a different page:
https://toolset.com/course-lesson/creating-the-lost-password-page/#create-the-reset-password

Validation of the key currently happens on the server-side when the form submission is processed. Unfortunately there is no pre-submission key validation feature available in Toolset, so I think that would require some custom code. I've never tried it before, but maybe this API would be useful to check the key:
https://developer.wordpress.org/reference/functions/check_password_reset_key/
You might be able to use that API to create a conditional that hides the form completely when the key is invalid, but I'm not sure how to prevent the form submission based on that key's validity.