Password Recovery
This guide explains how to implement password recovery in the Sumaya369 mobile application.
Forgot Password
Endpoint
- Method: POST
- URL:
/v1/mobile/forgot-password
Request Headers
| Header | Value | Required |
|---|---|---|
| Content-Type | application/json | Yes |
| Accept | application/json | Yes |
Request Body
| Parameter | Type | Description | Required |
|---|---|---|---|
| string | Registered email address | Yes |
Success Response
{
"success": true,
"message": "تم إرسال تفاصيل استعادة كلمة المرور الخاصة بك إلى بريدك الإلكتروني",
"data": null,
"status_code": 200
}
Error Responses
Email Not Found (422)
{
"success": false,
"message": "البريد الإلكتروني غير موجود",
"errors": null,
"data": null,
"status_code": 422
}
Verify Password OTP
Endpoint
- Method: POST
- URL:
/v1/mobile/verify-password-otp
Request Headers
| Header | Value | Required |
|---|---|---|
| Content-Type | application/json | Yes |
| Accept | application/json | Yes |
Request Body
| Parameter | Type | Description | Required |
|---|---|---|---|
| otp | string | OTP code received via email | Yes |
Success Response
{
"success": true,
"message": "يمكنك الان إعادة تعيين كلمة المرور",
"data": 200,
"status_code": 200
}
Error Responses
Invalid OTP (422)
{
"success": false,
"message": "رمز التحقق هذا غير صحيح",
"errors": null,
"data": null,
"status_code": 422
}
Reset Password
Endpoint
- Method: POST
- URL:
/v1/mobile/reset-password/{otp}
Request Headers
| Header | Value | Required |
|---|---|---|
| Content-Type | application/json | Yes |
| Accept | application/json | Yes |
Request Body
| Parameter | Type | Description | Required |
|---|---|---|---|
| password | string | New password (min 6 characters) | Yes |
| password_confirmation | string | Confirm new password | Yes |
Success Response
{
"success": true,
"message": "تمت إعادة تعيين كلمة المرور!",
"data": 200,
"status_code": 200
}
Error Responses
Invalid OTP (422)
{
"success": false,
"message": "رمز التحقق غير صالح",
"errors": null,
"data": null,
"status_code": 422
}
Example Implementation Flow
- Password Recovery Process
- User requests password reset via
/v1/mobile/forgot-password - User receives OTP code via email
- User verifies OTP via
/v1/mobile/verify-password-otp - User sets new password via
/v1/mobile/reset-password/{otp}
- User requests password reset via
Key Considerations
- OTP codes are time-sensitive and should be entered promptly
- Provide clear error messages for invalid OTP attempts
- Validate password strength and confirmation
- Handle password reset errors gracefully