Purpose
Those WS are designed to give the user change the password or in case the password is expired and must be changed.
WS logic
The password can be changed in 2 steps:
- user authorizes in the system using email and old password. In response he receives the change_password_token
- with change_password_token user requests Update User password service and by input "new password" change the old one
Authorize to change the password
- Apiary: Get token to change the password
- Scopes: user: change_password
- If the password is expired this service must still allow user to login and give in response change_password token
Update Password
- Apiary: Update User password
- Receiving a token find user_id and update the password for this user