Resets the user's password using the 6-digit verification code received via SMS.
This endpoint does not require authentication. Rate limited to 5 requests per minute per IP address.

| Name | Type | Required | Description | Example |
|---|---|---|---|---|
| phone | string | Yes | User phone number (must match the number used when requesting the code) | "+989123456789" |
| code | string | Yes | 6-digit verification code received via SMS | "123456" |
| password | string | Yes | New password (minimum 8 characters) | "newpassword123" |
| password_confirmation | string | Yes | Confirmation of the new password | "newpassword123" |

```http
POST /api/v1/auth/reset-password/reset
Content-Type: application/json

{
  "phone": "+989123456789",
  "code": "123456",
  "password": "newpassword123",
  "password_confirmation": "newpassword123"
}
```
Returns a success message when the password is reset successfully.

```json
{
  "message": "Password has been reset successfully."
}
```

| Status | Description | Reference |
|---|---|---|
| 422 | Validation error (invalid input/code) | See below |
| 429 | Too many requests | Rate-limit error |

Invalid or expired code:

```json
{
  "message": "Invalid reset code.",
  "errors": {
    "code": ["Invalid reset code."]
  }
}
```

Expired code:

```json
{
  "message": "Reset code has expired.",
  "errors": {
    "code": ["Reset code has expired."]
  }
}
```

Password validation errors:

```json
{
  "message": "The password field must be at least 8 characters.",
  "errors": {
    "password": ["The password field must be at least 8 characters."]
  }
}
```

```json
{
  "message": "The password confirmation field must match password.",
  "errors": {
    "password": ["The password confirmation field must match password."]
  }
}
```

Phone validation:

```json
{
  "message": "The phone field is required.",
  "errors": {
    "phone": ["The phone field is required."]
  }
}
```
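
The following is an added example, not this API's own server code: one way a server can verify the 6-digit code so that guesses are bounded per code as well as per IP address, returning the 422 bodies documented above. The `ResetCodeStore` class, `CODE_TTL_SECONDS` and `MAX_ATTEMPTS` are assumptions; the page does not state the code lifetime or any per-code attempt limit.

```python
import hashlib
import hmac
import time
from dataclasses import dataclass

CODE_TTL_SECONDS = 600  # assumption: the page does not state the code lifetime
MAX_ATTEMPTS = 5        # assumption: per-code guess cap, not documented by the API

@dataclass
class ResetCode:
    digest: bytes       # SHA-256 of the code, so the store never holds it in clear
    issued_at: float
    attempts: int = 0

def _digest(code: str) -> bytes:
    return hashlib.sha256(code.encode()).digest()

def _error(field: str, message: str):
    # Same 422 body shape the endpoint documents.
    return 422, {"message": message, "errors": {field: [message]}}

class ResetCodeStore:
    """In-memory stand-in for the server-side code table (hypothetical)."""

    def __init__(self, now=time.time):
        self._codes, self._now = {}, now

    def issue(self, phone: str, code: str) -> None:
        # Issuing a new code replaces any earlier one for the same phone.
        self._codes[phone] = ResetCode(_digest(code), self._now())

    def verify(self, phone: str, code: str):
        entry = self._codes.get(phone)
        if entry is None:
            # Unknown phone and wrong code look identical to the caller.
            return _error("code", "Invalid reset code.")
        if self._now() - entry.issued_at > CODE_TTL_SECONDS:
            del self._codes[phone]
            return _error("code", "Reset code has expired.")
        entry.attempts += 1
        if entry.attempts > MAX_ATTEMPTS:
            del self._codes[phone]  # burn the code; a new one must be requested
            return _error("code", "Invalid reset code.")
        if not hmac.compare_digest(entry.digest, _digest(code)):
            return _error("code", "Invalid reset code.")
        del self._codes[phone]      # single use
        return 200, {"message": "Password has been reset successfully."}
```
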