Password Recovery and Account Activation
This guide explains how to implement password recovery and account activation in the Sumaya369 admin application.
Forgot Password
Endpoint
- Method: POST
- URL:
/v1/admin/forgot-password
Request Body
| Parameter | Type | Description | Required |
|---|---|---|---|
| string | Admin's email address | Yes |
Success Response
{
"success": true,
"message": "تم إرسال تفاصيل استعادة كلمة المرور الخاصة بك إلى بريدك الإلكتروني",
"data": null,
"status_code": 200
}
Reset Password
Endpoint
- Method: POST
- URL:
/v1/admin/reset-password/{token}
Request Body
| Parameter | Type | Description | Required |
|---|---|---|---|
| password | string | New password | Yes |
| password_confirmation | string | Confirm new password | Yes |
Success Response
{
"success": true,
"message": "تمت إعادة تعيين كلمة المرور!",
"data": null,
"status_code": 200
}
Resend Activation Email
Endpoint
- Method: POST
- URL:
/v1/admin/resend-activation-email
Request Body
| Parameter | Type | Description | Required |
|---|---|---|---|
| string | Admin's email address | Yes |
Success Response
{
"success": true,
"message": "تم إرسال رسالة التفعيل إلى بريدك الإلكتروني",
"data": null,
"status_code": 200
}
Account Activation
Endpoint
- Method: POST
- URL:
/v1/admin/activate-account
Request Body
| Parameter | Type | Description | Required |
|---|---|---|---|
| string | Admin's email address | Yes | |
| token | string | 60-character activation token | Yes |
Success Response
{
"success": true,
"message": "تم تفعيل بريدك الإلكتروني بنجاح.",
"data": {
"email": "nujud@sumaya369.net"
},
"status_code": 200
}
Example Implementation Flow
-
Password Recovery Process
- Admin requests password reset via
/v1/admin/forgot-password - Admin receives password reset instructions via email
- Admin sets new password via
/v1/admin/reset-password/{token}
- Admin requests password reset via
-
Account Activation Process
- Admin receives activation email after registration
- Admin activates account via
/v1/admin/activate-account - If activation email is not received, admin can request a new one via
/v1/admin/resend-activation-email
Key Considerations
- Provide clear instructions in notification emails
- Validate password strength and confirmation
- Handle password reset and activation errors gracefully
- Ensure secure token generation and validation
- Implement proper email verification process