Forgot password
Used to reset a password for the user.
Send forgot password email
URL: /api/auth/forgotPassword/sendEmail
Method: POST
Auth required: No
Data constraints
{
"username": "[required | min: 1 | max: 190]"
}
Data example
{
"username": "st.huber"
}
Success response
Condition: Username exists and user has email addresses linked to his account.
Code: 200
Content example
{
"msg": "Sent"
}
Error response
Unknown username
Condition: User with this username does not exist
Code: 404
Content example
{
"msg": "Unknown username",
"error_code": "unknown_username"
}
No email address(es) linked to this account
Condition: User does not have email address(es) linked to his account.
Code: 400
Content example
{
"msg": "There are no email addresses for this account",
"error_code": "no_email_addresses"
}
Check code
URL: /api/auth/forgotPassword/checkCode
Method: POST
Auth required: No
Data constraints
{
"username": "[required | min: 1 | max: 190]",
"code": "[required | digits | max: 6]"
}
Data example
{
"username": "st.huber",
"code": "482901"
}
Success response
Condition: Code is correct, rate limit not exceeded, username exists
Code: 200
Content example
{
"msg": "Code correct",
"success_code": "code_correct"
}
Error response
Incorrect code
Condition: Code is incorrect
Code: 400
Content example
{
"msg": "The code is incorrect",
"error_code": "code_incorrect"
}
Unknown username
Condition: User with this username does not exist
Code: 404
Content example
{
"msg": "Unknown username",
"error_code": "unknown_username"
}
Rate limit exceeded
Condition: After 12 tries the rate limit will be exceeded.
Code: 400
Content example
{
"msg": "Rate limit exceeded",
"error_code": "rate_limit_exceeded"
}
After the rate limit has been exceeded, a new code has to be requested via this request.
No password reset requested for this user
Condition: No password reset was requested for this account
Code: 400
Content example
{
"msg": "There was no code for a password reset requested"
}
Reset password
URL: /api/auth/forgotPassword/resetPassword
Method: POST
Auth required: No
Data constraints
{
"username": "[required | min: 1 | max: 190]",
"code": "[required | digits | max: 6]",
"new_password": "[required]"
}
Data example
{
"username": "st.huber",
"code": "482901",
"new_password": "NewPassword1234!"
}
Success response
Condition: Code is correct, rate limit not exceeded, username exists
Code: 200
Content example
{
"msg": "Changed password successful"
}
Error response
Incorrect code
Condition: Code is incorrect
Code: 400
Content example
{
"msg": "The code is incorrect",
"error_code": "code_incorrect"
}
Unknown username
Condition: User with this username does not exist
Code: 404
Content example
{
"msg": "Unknown username",
"error_code": "unknown_username"
}
Rate limit exceeded
Condition: After 12 tries the rate limit will be exceeded.
Code: 400
Content example
{
"msg": "Rate limit exceeded",
"error_code": "rate_limit_exceeded"
}
After the rate limit has been exceeded, a new code has to be requested via this request.
No password reset requested for this user
Condition: No password reset was requested for this account
Code: 400
Content example
{
"msg": "There was no code for a password reset requested"
}
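Added example (not the project's own code): a server-side sketch of the code check shared by the Check code and Reset password requests, returning the documented responses. The in-memory stores and the names issue_code and check_code are hypothetical. It assumes that "after 12 tries" means 12 attempts are evaluated per issued code and that issuing a new code resets the counter; the constant-time comparison is an addition, not something the page states.

```python
import hmac

MAX_TRIES = 12  # documented rate limit per issued code

# Hypothetical in-memory stores (assumption); a real service would use its database.
USERS = {"st.huber"}   # constructed sample user
RESETS = {}            # username -> {"code": str, "tries": int}


def issue_code(username, code):
    """Called by the send-email step: a new code replaces the old one
    and resets the try counter (assumed behaviour)."""
    RESETS[username] = {"code": code, "tries": 0}


def check_code(username, code):
    """Return (http_status, body) using the responses documented above."""
    if username not in USERS:
        return 404, {"msg": "Unknown username",
                     "error_code": "unknown_username"}
    entry = RESETS.get(username)
    if entry is None:
        return 400, {"msg": "There was no code for a password reset requested"}
    # Once the limit is reached, even the correct code is refused
    # until a new code has been issued.
    if entry["tries"] >= MAX_TRIES:
        return 400, {"msg": "Rate limit exceeded",
                     "error_code": "rate_limit_exceeded"}
    # Count the attempt before comparing so no code path skips the counter.
    entry["tries"] += 1
    # Constant-time comparison avoids leaking how many digits matched.
    if hmac.compare_digest(code.encode(), entry["code"].encode()):
        return 200, {"msg": "Code correct", "success_code": "code_correct"}
    return 400, {"msg": "The code is incorrect",
                 "error_code": "code_incorrect"}
```

With a 6-digit code and 12 evaluated attempts per issued code, a guesser has at most a 12 in 1,000,000 chance per code, which is why the counter has to be keyed to the account and enforced on the server.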