Sending an email to the customers id
This link should be one time used and short lived.
The link should also have a andom token associated with it.
Once the user clicks resets the password the link should no longer be useful.
1 ) Create a token and store token number and created time in the table.
2) In the link add token as parameter
3 ) When user clicks on the link you check the difference between current time and token created time. If its more than the predefined time iterval show valid erro message to user.
4) Otherwise do a soft delete of the token frm the database.
Dear ranchers if there is any better please provide info