|
|
@@ -187,8 +187,17 @@ async def forgot_password(request: schemas.ForgotPassword, lang: str = "en"):
|
|
|
return {"message": "Reset instructions sent to your email"}
|
|
|
|
|
|
@router.post("/verify-reset-token")
|
|
|
-async def verify_reset_token(request: schemas.TokenVerify):
|
|
|
- user_id = token_service.verify_reset_token(request.token)
|
|
|
+@router.get("/verify-reset-token")
|
|
|
+async def verify_reset_token(token: Optional[str] = None, request: Optional[schemas.TokenVerify] = None):
|
|
|
+ target_token = token
|
|
|
+ if request and request.token:
|
|
|
+ target_token = request.token
|
|
|
+
|
|
|
+ if not target_token:
|
|
|
+ # If it's pure GET without query param but should have been caught by param default
|
|
|
+ raise HTTPException(status_code=400, detail="Token required")
|
|
|
+
|
|
|
+ user_id = token_service.verify_reset_token(target_token)
|
|
|
if not user_id:
|
|
|
raise HTTPException(status_code=400, detail="Invalid or expired reset token")
|
|
|
return {"message": "Token is valid"}
|
unknown