Samir Boulahtit
2e1a2fc9fc
Add complete password reset functionality: Database: - Add password_reset_tokens migration with token hash, expiry, used_at - Create PasswordResetToken model with secure token hashing (SHA256) - One active token per customer (old tokens invalidated on new request) - 1-hour token expiry for security API: - Implement forgot_password endpoint with email lookup - Implement reset_password endpoint with token validation - No email enumeration (same response for all requests) - Password minimum 8 characters validation Frontend: - Add reset-password.html template with Alpine.js - Support for invalid/expired token states - Success state with login redirect - Dark mode support Email: - Add password_reset email templates (en, fr, de, lb) - Uses existing EmailService with template rendering Testing: - Add comprehensive pytest tests (19 tests) - Test token creation, validation, expiry, reuse prevention - Test endpoint success and error cases Removes critical launch blocker for password reset functionality. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
API v1 Integration Tests
Documentation
For comprehensive test structure documentation, please see:
Test Structure Guide in MkDocs
Quick Start
# Run all v1 API tests
pytest tests/integration/api/v1/ -v
# Run specific area
pytest tests/integration/api/v1/vendor/ -v
pytest tests/integration/api/v1/admin/ -v
pytest tests/integration/api/v1/public/ -v
pytest tests/integration/api/v1/shared/ -v
Structure
tests/integration/api/v1/
├── admin/ # Admin API tests
├── vendor/ # Vendor API tests
├── public/ # Public API tests
└── shared/ # Shared/common tests
See full documentation: Test Structure Guide