Copied from #tech-support
Hey guys, I’m working on ***********************************. I have a question regarding the password reset flow. The project is using the following packages:
django-allauth = “~=0.42.0”
django-rest-auth = “~=0.9.5”
Everything works as its supposed to. The /rest-auth/password/reset/
endpoint accepts an email
parameter and sends the password reset email with the token. If we click the link in the email, it takes you to the password reset page. However, if I wanna do this through the REST API. The /rest-auth/password/reset/confirm/
endpoint accepts a uid
and token
parameter in addition to the new password. The URL received in the password reset email looks like /accounts/password/reset/key/o-5nv-b4c83b033415c78abffe/
. The documentation suggests that the email will return something like /{uid}/{token}/
which we can separate from the URL and use on the frontend. But this is not the case.Now, what I wanna know, is do we decode the token on the frontend and separate the values? Usually this flow works just works out of the box and doesn’t require any customization so what am I missing here?