feat: make reset password less secure and more convenient

This commit is contained in:
b1ek 2024-08-29 20:36:47 +10:00
parent 55d9b7dc6b
commit ab7b5c0a97
Signed by: blek
GPG Key ID: 14546221E3595D0C
1 changed files with 6 additions and 8 deletions

View File

@ -94,6 +94,8 @@ paths:
post: post:
tags: tags:
- Users - Users
description: |-
I know its not secure because anyone can reset anyones password. But here's a counterpoint: its not required to be secure, and i dont care
requestBody: requestBody:
content: content:
application/json: application/json:
@ -103,17 +105,13 @@ paths:
email: email:
type: string type: string
example: 'jdoe@example.com' example: 'jdoe@example.com'
new_pass:
type: string
example: 'very_strong_password123456'
responses: responses:
200: 200:
description: |- description: |-
A reset password link is sent to the email, if such an account exists. The password is reset
If no mailer is set and it is debug mode, link will be available in `X-Reset-Link`
400:
description: |-
Invalid email
This error also might be sent by laravel if your body is corrupted
/api/users/private/list: /api/users/private/list:
get: get: