Complete Password Reset
POST/auth/reset-password
Sets the user's new password using the recovery token. Typical Flow:
- The user enters their new password in the form
- The frontend sends the token and new password to the server
- The server validates the token and password requirements
- Updates the password in the database
- Invalidates the recovery token
- Returns success confirmation Password Requirements:
- Minimum 6 characters
- It is recommended to include uppercase letters, lowercase letters, and numbers Usage Examples:
- User completes the recovery form
- System validates and updates the password
- User can log in with the new password Important Notes:
- The token is invalidated immediately after use
- The same token cannot be reused
- The password is encrypted with bcrypt before storage
- After the change, all previous JWT tokens are invalidated
Request
Responses
- 200
- 400
Password reset successfully
Invalid token or password does not meet requirements