Confirm Forgot Password User

Confirm password reset using the OTP code sent to user's email.

Endpoint

POST /v1/accounts/confirm/forget/password/user/

Authentication

Not required (public endpoint)

Request Body

{
  "email": "user@example.com",
  "code": "123456",
  "new_password": "NewSecurePass123!"
}

Parameters

Field	Type	Required	Description	Validation
`email`	string	Yes	User's email address	Valid email format
`code`	string	Yes	OTP code received via email	Not empty
`new_password`	string	Yes	New password	Min 8 chars, uppercase, lowercase, number, symbol

Response

Success (200 OK)

{
  "message": "Successful Operation"
}

The password is reset and all existing tokens are invalidated. User must login again.

Error Responses

User Not Found (404)

{
  "error": "User Not Found"
}

Invalid OTP (404)

{
  "error": "Invalid OTP"
}

Example Request

curl -X POST "https://api.luxmart.site/v1/accounts/confirm/forget/password/user/" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com",
    "code": "123456",
    "new_password": "NewSecurePass123!"
  }'

Notes

Password is hashed before storage
OTP is cleared after successful reset
All user tokens are deleted
User must login again with the new password