Authentication
Forgot Password
Initiate password reset flow.
Generates a reset token and sends an email with reset instructions. Always returns 200 regardless of whether the email exists (security - don’t reveal user existence).
Args: request: FastAPI request object to get client IP. forgot_request: Email and account identifier. session: Database session. reset_service: Password reset service dependency.
Returns: Generic success message.
POST
Forgot Password
Body
application/json
Response
Password reset email sent (or email not found - same response)
Response for forgot password request.
Success message (always returned regardless of whether email exists)
Previous
Reset PasswordReset password using a valid reset token.
Validates the token, updates the password, and invalidates all refresh tokens.
Args:
request: Reset token and new password.
reset_service: Password reset service dependency.
Returns:
Success message.
Raises:
HTTPException: 400 if token is invalid, expired, or already used.
Next
Forgot Password