Send password reset emails in bulk?

Support
1

I have migrated users from old forum database. Is there any way to send password reset e-mails in bulk? I’ve tried to use API but got You have performed this action too many times, try again later. after requesting to send about 3 reset emails… (other API actions work fine)

I’d be happy to use ruby console or API if you can please advise how to go around that rate limit. It is probably limit per IP address as I’ve investigated.

[updated]

Seems like RateLimiter for ‘forgot_password’ is unfortunately hardcoded so I went ruby script way…

For mass reseting (sending out tokens for password reset to all users) you can do

cd /var/discourse
./launcher enter app

Then create new file mass-password-reset.rb using your favourite editor with following script:

User.all.each do |u|
  email_token = u.email_tokens.create(email: u.email)
  Jobs.enqueue(:critical_user_email, type: :forgot_password, user_id: u.id, email_token: email_token.token)
  sleep(5)
end

And then run it with rails r mass-password-reset.rb

5 Likes
2

Awesome, thanks! I recently migrated data from my old forum and when tried to manually reset passwords for my users (not too many of them), ran into error message. Discourse logs didn’t show anything, tried to rebuild app and it didn’t help. Then tried your script and now via outsourced email sending service (and Sidekiq) I see that these mails are sending out. So, thanks again! :slight_smile:

2 Likes
3

Tried this but the data model has now changed (due to secondary email I think). Email addresses are now in User Email object I think.

2 Likes
4

Hiya, did you get anything to resolve this? I was about to try that script but have seen your message and now wonder if you manage to work this around.

5

I think the best option is still to get them to reset their password through the reset password link. Is there a reason your user can’t do this?

6

No, it would be just a matter of user experience. We have been migrating our old vanilla forum and I think the best experience for the old users would be to receive an email saying “Hey, we migrated from our forum to a new platform. You can log in through this link: {link}”.

7

Just rectifying here - that script does work. I just had to:

cd /var/discourse
sudo ./launcher enter app

Then create the file:

// create file
touch password.rb

Then add the following code:

email_token = nil

User.all.each do |u|
  email_token = u.email_tokens.create(email: u.email)
  Jobs.enqueue(:critical_user_email, type: :forgot_password, user_id: u.id, email_token: email_token.token)
  sleep(5)
end

And finally, run it:

rails r password.rb

It did work for me :slight_smile:.

2 Likes
8

Ah sorry, I meant to loop back to this yesterday when I realised you wanted to do a mass one and not a singleton. I’m glad you figured it out though. :slight_smile: :+1:

I’ll split this issue out to make it easier to find in future searches. :mag_right:

2 Likes
9

Hey, I don’t know if this is still the best place to ask this, but would you happen to know how long does the forgot password email last for? I know it expires in 4 or 3 days but I need to know because I’ll invite my users from an old forum and need to send a message notifying them that the email may be expired after n days so I need the specific time. Cheers

10

How do we run this command on a per-user basis or just for a list of users in a text file? I have about 8000 users to bring over. I’m creating the users just fine with the API, but then the emails won’t go out due to the hard-coded rate-limiting. I also set my IP address to ACCEPT in the Screened IP, but still no-go. Is this something that only can be done in the rails console?

Thank you!