Ability to reset the password for the user - or just create a new one
The user should be able to reset the password.
Possible implementation:
- Add 2 params for a user -
reset_token
andreset_time
which will define when the reset happened. - Token will be valid for 1 day (24 hours).
- Log each password reset request.
- Send an email with reset link to a user.