ForgotPasswordController - xEdziu/RPG-Handy-Helper GitHub Wiki

ForgotPasswordController

This page contains documentation for the ForgotPasswordController class, which handles the password reset flow.

Basic Information

Base Path: /api/v1/forgotPassword
Package: dev.goral.rpghandyhelper.user.additional

Endpoint Summary

| HTTP Method | Path | Description |
|---|---|---|
| PUT | /reset | Sends reset password email |
| GET | /validateToken | Validates the password reset token |
| PUT | /changePassword | Changes the user's password using token |

Field Descriptions

Request Parameters

  • token (String): Token used to verify the identity of the user for password reset.

Request Body Fields

For /reset

  • email (String): User's email address.

For /changePassword

  • password (String): New password to be set.

Response Fields

  • message (String): Describes the result of the operation.
  • error (Integer): HTTP status code.
  • timestamp (String): Time the response was generated.

Endpoint Details

Reset Password Email

Method: PUT
Path: /reset

Request Body

{
  "email": "user@example.com"
}

Response

{
  "message": "E-mail z linkiem do resetowania hasła został wysłany.",
  "error": 200,
  "timestamp": "..."
}

Possible Errors

  • 400 Bad Request: Missing or malformed email field.
  • 404 Not Found: User with provided email does not exist.
  • 403 Forbidden: User account is not enabled.

Validate Reset Token

Method: GET
Path: /validateToken

Request Parameter

token=example-reset-token

Response

{
  "message": "Token jest poprawny.",
  "error": 200,
  "timestamp": "..."
}

Possible Errors

  • 404 Not Found: Token does not match any user.

Change Password

Method: PUT
Path: /changePassword

Request Parameter

token=example-reset-token

Request Body

{
  "password": "StrongP@ssw0rd"
}

Response

{
  "message": "Hasło zostało zmienione.",
  "error": 200,
  "timestamp": "..."
}

Possible Errors

  • 400 Bad Request: Password does not meet requirements.
  • 404 Not Found: Token does not match any user.

Password Requirements

  • Minimum 8 characters
  • At least one uppercase letter
  • At least one lowercase letter
  • At least one digit
  • At least one special character
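
The five rules above written as a server-side check that reports every rule a candidate password fails, so a 400 response can name the missed requirement. This is an added example, not the project's own validator: the class and method names are hypothetical, and treating any character that is not a letter, digit or whitespace as "special" is an assumption, since the page does not define the set.

```java
import java.util.ArrayList;
import java.util.List;

// Added example, not the project's code. Class and method names are hypothetical.
public class PasswordPolicyCheck {

    // Returns every rule the candidate violates; an empty list means it passes.
    static List<String> violations(String password) {
        List<String> failed = new ArrayList<>();
        if (password == null) {
            failed.add("password field is missing");
            return failed;
        }
        boolean upper = false, lower = false, digit = false, special = false;
        // Walk code points, not chars, so surrogate pairs count as one character.
        for (int i = 0; i < password.length(); ) {
            int cp = password.codePointAt(i);
            if (Character.isUpperCase(cp)) upper = true;
            else if (Character.isLowerCase(cp)) lower = true;
            else if (Character.isDigit(cp)) digit = true;
            // Assumption: "special" means not a letter, digit or whitespace.
            else if (!Character.isLetter(cp) && !Character.isWhitespace(cp)) special = true;
            i += Character.charCount(cp);
        }
        if (password.codePointCount(0, password.length()) < 8) failed.add("minimum 8 characters");
        if (!upper) failed.add("at least one uppercase letter");
        if (!lower) failed.add("at least one lowercase letter");
        if (!digit) failed.add("at least one digit");
        if (!special) failed.add("at least one special character");
        return failed;
    }

    public static void main(String[] args) {
        // Constructed sample inputs; the first is the example value from this page.
        String[] samples = {"StrongP@ssw0rd", "password", "Sh0rt!", "NoSpecial123", "Passw0rd 1234"};
        for (String s : samples) {
            System.out.println("\"" + s + "\" -> " + violations(s));
        }
        System.out.println("null -> " + violations(null));
    }
}
```

The last sample fails only the special-character rule, because under the stated assumption a space does not count as special.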

Common Troubleshooting Tips

  • Missing Fields: Ensure that all required fields are included in the request body.
  • Token Issues: Make sure the token is valid and was received via a password reset email.
  • Password Strength: Ensure the new password meets all complexity requirements.