Implement new resource to send an email with a link to return and create a new password in an updated User record. Security here is the most important aspect of this.
Security
Email is sent only if the email exists on "a" User account
Email is sent to the User with Warning Text "Someone is trying to access your account ..."
A link is provided, like Agent and Monitor invitations, but also timely. i.e. the chance to match gobble-dee-gook expires
An opportunity to update (PUT) User is provided and only the password (Bcrypt) can be changed.
Steps
revise the version in package.json and be sure to add -dev
Implement new resource to send an email with a link to return and create a new password in an updated User record. Security here is the most important aspect of this.
Security
Steps
-dev
src/app.ts