Works:
To reset a password, users get an email with a link. When they click that link, they are taken to my app’s password reset form. I follow the Strapi documentation and this is functional.
Issue:
In the password reset form, I’d like to pre-populate the email address, so the user only needs to input a new password. Currently the user has to input their email address when coming to this form; I’d like to eliminate that.
How can this be done?
One option is for Strapi to include the relative email address in the emailed password-reset link, like so:
https://myapp.com/passwordreset?code=c1ceaf877166a096e21088dd&email=usersemail%40gmail.com
Are there any issues with doing so, security-wise?
Is this something that’s possible with Strapi ?