feat: make reset password less secure and more convenient

2024-08-29 20:36:47 +10:00 · 2024-08-29 20:36:47 +10:00 · ab7b5c0a97
parent 55d9b7dc6b
commit ab7b5c0a97
1 changed files with 6 additions and 8 deletions
--- a/public/openapi.yml
+++ b/public/openapi.yml
@ -94,6 +94,8 @@ paths:
    post:
      tags:
        - Users
+      description: |-
+        I know its not secure because anyone can reset anyones password. But here's a counterpoint: its not required to be secure, and i dont care
      requestBody:
        content:
          application/json:
@ -103,17 +105,13 @@ paths:
                email:
                  type: string
                  example: 'jdoe@example.com'
+                new_pass:
+                  type: string
+                  example: 'very_strong_password123456'
      responses:
        200:
          description: |-
-            A reset password link is sent to the email, if such an account exists.
-            
-            If no mailer is set and it is debug mode, link will be available in `X-Reset-Link`
-        400:
-          description: |-
-            Invalid email
-            
-            This error also might be sent by laravel if your body is corrupted
+            The password is reset
    
  /api/users/private/list:
    get: