orion

sboulahtit/orion

Fork 0

Files

History

Samir Boulahtit 478c3a9c50

CI / ruff (push) Successful in 16s

Details

CI / validate (push) Has been cancelled

Details

CI / dependency-scanning (push) Has been cancelled

Details

CI / docs (push) Has been cancelled

Details

CI / deploy (push) Has been cancelled

Details

CI / pytest (push) Has been cancelled

Details

fix(storefront-auth): forgot/reset password accept JSON body, not query

POST /api/v1/storefront/auth/forgot-password and .../reset-password were
both declared with bare `email: str` / `reset_token: str, new_password: str`
parameters. FastAPI treats unannotated str params as query parameters, so
the frontend's JSON body was ignored and the endpoint 422'd with
"missing query parameter 'email'". The docstrings on both endpoints
already said "Request Body" — intent was clear, implementation drifted.

Add two new Pydantic body schemas in tenancy/schemas/auth.py:
  PasswordResetRequest  { email: str }                          (forgot)
  PasswordResetConfirm  { reset_token: str, new_password: str } (reset)

Re-export from tenancy/schemas/__init__.py, import in
customers/routes/api/storefront.py, and switch both endpoint signatures
to take `body: <Schema>`. Internal usage reads body.email / body.reset_token
/ body.new_password.

Surfaced during Test 5 when user clicked "forgot password" on the customer
storefront login page to set a password for the first time after a
self-enrollment flow.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-24 23:06:10 +02:00