[FIX]: Incomplete forgot-password flow #1349

PreciousIfeaka · 2025-03-01T19:26:54Z

Bug Description

When a user tries to update password via the reset-password endpoint using the otp sent to their email, they get a success response, whereas the password is not being updated.

Steps to Reproduce

Make a request to send otp or magic link to the email via the /auth/forgot-password route
Use the OTP obtained in your email to make a request to the password-reset route.
A successful password reset response is obtained but the password is not actually updated.

Expected Behavior

The password is meant to be updated after the flow and the user can then use the new password for authentication.

Current Behavior

The user gets a successful password reset response but the password is not actually being reset.

Screenshots/Logs

{
   "message": "Successfully reset password",
}

Environment

OS: [Linux]
Browser/Device: [Chrome]
Version: [22]

Possible Solution

Completing the flow by encrypting the new password and saving it to the user's data

Additional Context

PreciousIfeaka added the bug Something isn't working label Mar 1, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[FIX]: Incomplete forgot-password flow #1349

[FIX]: Incomplete forgot-password flow #1349

PreciousIfeaka commented Mar 1, 2025

[FIX]: Incomplete forgot-password flow #1349

[FIX]: Incomplete forgot-password flow #1349

Comments

PreciousIfeaka commented Mar 1, 2025

Bug Description

Steps to Reproduce

Expected Behavior

Current Behavior

Screenshots/Logs

Environment

Possible Solution

Additional Context