Implement POST /api/auth/reset-password Endpoint #23
Labels
No labels
CI/CD
MongoDB
PostgreSQL
api
authentication
bug
documentation
duplicate
enhancement
example issue
fix
good first issue
help wanted
high-level requirement
infrastructure
invalid
low-level requirement
medium-level requirement
question
security
test
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
AndreFerreira5/starranja#23
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Allows the user to set a new password, validating their single-use token.
Tasks:
POST /api/auth/reset-password.tokenandnew_passwordin the request body.tokenand search for it in thepassword_reset_tokenstable.password_serviceto hash thenew_password.password_hashin theuserstable for the associateduser_id.password_reset_tokensto ensure it cannot be reused.200 OK.400 Bad Request.No need for password reset service because the credentials management will be centralized.