resetPassword work like change password and recover password 🤷‍♂️

I have been watching the mutation for resetPassword and have some concerns.

In a normal flow, the user has two use cases:

  1. I forgot your password
    This case occurs when the user does not remember their password and needs to recover it. The process is the standard, request via email, the email arrives with the tocken, etc. All this perfect.

  2. Change your password
    In this case, the user currently knows his password and simply wants to update it, the flow would be: current password, new password and confirmation.

Mutation.resetPassword performs the function of changing the password when it has been requested, that is, when the user has indicated that it must be recovered.

Now, how is the user supposed to be able to change her password without having to give her the forget my password? This is not a natural flow.

I expected something like:

Mutation.resetPassword fields:
currentPassword
newPassword
passwordConfirmation

Mutation.recoverPassword fields:
password
passwordConfirmation
code

Please if anyone has any ideas I will appreciate it very much.

CC: @DMehaffy @MattieBelt

1 Like

@DMehaffy @MattieBelt Something they can contribute?