feat: make reset password less secure and more convenient

This commit is contained in:
b1ek 2024-08-29 20:36:47 +10:00
parent 55d9b7dc6b
commit ab7b5c0a97
Signed by: blek
GPG Key ID: 14546221E3595D0C
1 changed files with 6 additions and 8 deletions

View File

@ -94,6 +94,8 @@ paths:
post:
tags:
- Users
description: |-
I know its not secure because anyone can reset anyones password. But here's a counterpoint: its not required to be secure, and i dont care
requestBody:
content:
application/json:
@ -103,17 +105,13 @@ paths:
email:
type: string
example: 'jdoe@example.com'
new_pass:
type: string
example: 'very_strong_password123456'
responses:
200:
description: |-
A reset password link is sent to the email, if such an account exists.
If no mailer is set and it is debug mode, link will be available in `X-Reset-Link`
400:
description: |-
Invalid email
This error also might be sent by laravel if your body is corrupted
The password is reset
/api/users/private/list:
get: