Closed vaasuu closed 1 year ago
The send password reset link to email endpoint will leak that the email exists and I do not care about that at this point, as the same information leakage can be found from the signup endpoint too (by trying to make a new account using the email).
Add API route to reset password using email.
Provide email address and the system will send a email with a link to reset the password.
Things to add: