I Hope you are all doing fine. Below are the proposed endpoint i will be implimenting in the reset webservice with regards to the work done in core. I will be adding endpoint to the resource paswordreset /ws/rest/v1/passwordreset.
-
A get request to this endpoint with a path variable /ws/rest/v1/passwordreset/{usernameOrEmail} will trigger the password reset for the said user with email or username. and
-
A post to this endpoint will contain {“activationKey”:“xciYc36UIb12tdh”, “newPassword”:“Admin123”}. if succeeded, will reset the password for the said user. All actions on these endpoint get as response HttpStatus.OK whether successful or not.
Also I will like to say instead of sending a link in the email the token should be sent so as to permit endusers manipulate the api in their own way. as sending a link will tie the clients to a particular page for web apps and for standalone apps they wont be able to request for activationkey as core implimentation doesnot impliment the possiblity for get back and activation key.
My Initial line of thought was github pull request.
I await your feedback.