open-taffeta icon indicating copy to clipboard operation
open-taffeta copied to clipboard

Published 20 hours ago verified publisher icon apiraino

Reset password

Open apiraino opened this issue 5 years ago • 0 comments

Endpoint to reset the pwd

Passwords cannot be recovered. The workflow to reset the pwd could be:

  • a POST /reset/pwd (sth like that)
  • backend creates a temporary token and store it in a local cache
  • backend sends an email with this link to confirm the request
  • user clicks the link
  • if the token is not yet expired, a form will be sent to the client to insert the new pwd
  • the form will send a PATCH somewhere to update the pwd
  • all user tokens will be deleted, use must login again

apiraino avatar Sep 12 '19 19:09 apiraino