resetPasswordApi - n1lby73/industrial-IOT GitHub Wiki

Overview

The Reset Password API offers two distinct methods to facilitate password resets: GET and PUT. The choice of method depends on the user's authentication status and the need for resetting the password.

When a user is logged in or presents a valid JWT token and intends to change their password, the API expects a PUT request. This method requires the user to input their current password along with the new password.

For scenarios where the user is not logged in or does not recall their current password, it's recommended to perform a client-side logout before initiating a GET request. This method expects the user's email and triggers the sending of a token, comprising their username and an OTP (One-Time Password), to the user's email address. Verification of this token enables the user to set a new password.

Endpoint URL

  • URL: https://industrialiot.onrender.com/api/resetpass

  • Method:

    1. PUT
    2. GET

Request Parameters

  • Headers:

    • Authorization: Bearer <ACCESS_TOKEN> - (for PUT method only)
    • Content-Type: application/json
  • Body Parameters:

    • For PUT method:

      | Parameter | Type   | Description                        |
      |-----------|--------|------------------------------------|
      | oldpass   | String | User's current password (required) |
      | newpass   | String | User's new password (required)     |

      Note: Do not forget to perform client-side verification of newpass to confirm that the user is aware of the characters of their password.

    • For GET method:

      | Parameter | Type   | Description                     |
      |-----------|--------|---------------------------------|
      | email     | String | User's email address (required) |

Responses

  • For PUT method:

    • Success Response:

      • Status Code: 200 OK
      • Response Body:
        {
          "success": "password updated successfully"
        }
        • Description: Indicates a successful password update.
    • Error Responses:

      • Status Code: 400 Bad Request
        • Response Body:
          {
              "error": "Incorrect old password, logout to reset password or try again"
          }
        • Description: Indicates an incorrect current password provided.
      • Status Code: 500 Internal Server Error
        • Response Body:
          {
            "error": "failed to update password",
            "details": "<Error Details>"
          }
        • Description: Indicates a failure to update the password due to an internal server error.
  • For GET method:

    • Success Response:

      • Status Code: 200 OK
      • Response Body:
        {
          "success": "token sent to email"
        }
        • Description: Indicates successful token generation and email sent for OTP verification.
    • Error Responses:

      • Status Code: 400 Bad Request

        • Response Body:
          {
            "error": "incorrect email"
          }
        • Description: Indicates an incorrect email provided or the email not being registered.
      • Status Code: 500 Internal Server Error

        • Response Body:
          {
            "error": "failed to store token",
            "details": "<Error Details>"
          }
        • Description: Indicates a failure to send the OTP email due to an internal server error.

Usage

  • For PUT method:

    1. Request Method: PUT

    2. Endpoint URL: https://industrialiot.onrender.com/api/resetpass

    3. Header:

       Authorization: Bearer <JWT>
       Content-Type: application/json
    4. Request Body:

      {
          "oldpass": "<CURRENT_PASSWORD>",
          "newpass": "<NEW_PASSWORD>"
      }

      Note: Replace <CURRENT_PASSWORD> with the user's current password and <NEW_PASSWORD> with the desired new password.

  • For GET method:

    1. Request Method: GET

    2. Endpoint URL: https://industrialiot.onrender.com/api/resetpass

    3. Header:

       Content-Type: application/json
    4. Request Body:

      {
          "email": "<USER_EMAIL>"
      }
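
Example client code for the two flows in the Usage section, added here and not taken from the industrial-IOT project: it builds the documented PUT and GET requests and maps the documented status codes and bodies to outcomes. The function names, the `confirm` argument and the choice to keep the 500 `details` field out of the user-facing message are assumptions of this example.

```python
import json
import urllib.error
import urllib.request

RESET_URL = "https://industrialiot.onrender.com/api/resetpass"  # from the page


def build_change_request(access_token, oldpass, newpass, confirm):
    """PUT flow: logged-in user; confirm is the new password typed a second time."""
    if newpass != confirm:  # the client-side check the page's Note asks for
        raise ValueError("new password and confirmation do not match")
    body = json.dumps({"oldpass": oldpass, "newpass": newpass}).encode()
    headers = {"Authorization": f"Bearer {access_token}",
               "Content-Type": "application/json"}
    return urllib.request.Request(RESET_URL, data=body, method="PUT", headers=headers)


def build_reset_request(email):
    """GET flow: logged-out user; sent after client-side logout, so no Authorization."""
    body = json.dumps({"email": email}).encode()
    headers = {"Content-Type": "application/json"}
    return urllib.request.Request(RESET_URL, data=body, method="GET", headers=headers)


def interpret(method, status, raw_body):
    """Map a documented status/body pair to (outcome, message shown to the user)."""
    try:
        payload = json.loads(raw_body)
    except ValueError:  # empty or non-JSON body, e.g. a proxy error page
        payload = {}
    if not isinstance(payload, dict):
        payload = {}
    if status == 200 and "success" in payload:
        return ("ok", payload["success"])
    if status == 400 and "error" in payload:
        return ("rejected", payload["error"])
    if status == 500:
        # "details" holds server-side error text: log it, do not display it.
        return ("server_error", payload.get("error", "internal server error"))
    return ("unexpected", f"{method} returned HTTP {status}")


def send(request):
    """Send a built request and interpret the reply (requires network access)."""
    try:
        with urllib.request.urlopen(request, timeout=10) as resp:
            return interpret(request.get_method(), resp.status, resp.read())
    except urllib.error.HTTPError as err:  # urllib raises on 4xx/5xx
        return interpret(request.get_method(), err.code, err.read())
```

Browser `fetch` refuses to send a body with a GET request, so the GET flow as documented needs an HTTP client that permits one, such as `urllib` above.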

Additional Information

To use the OTP sent for verification in order to complete the password reset, click here. For more details on this, check here.

Please be sure to perform a client-side logout before initiating the GET request in cases where the user is not logged in or does not remember their current password.