Request Password Reset
POST
/auth/password-reset
Request password reset.
Generates a secure reset token (random 32-byte hex) with 1-hour expiration. Does NOT reveal whether email exists (prevents user enumeration).
In production, this would send an email with a reset link containing the token. For now, tokens are logged (use in testing).
Args: request: Password reset request with email http_request: HTTP request object (for audit logging) db: Database session
Returns: Confirmation message (same whether user found or not)
Request Body required
Section titled “Request Body required ” PasswordResetRequest
Password reset request.
object
email
required
Email
Email address
string format: email
Responses
Section titled “ Responses ”Successful Response
PasswordResetResponse
Password reset response.
object
message
Message
string
Validation Error
HTTPValidationError
object
detail
Detail
Array<object>
ValidationErrorobject
loc
required
Location
Array
msg
required
Message
string
type
required
Error Type
string
input
Input
ctx
Context