Update main.py

main.py

@@ -258,6 +258,37 @@ async def get_protected(
     # Render a template response
     return templates.TemplateResponse("protected.html", {"request": request, "user": db_user.username})
 
+
+@app.post("/password-reset-request")
+async def password_reset_request(email: str, db: Session = Depends(get_db)):
+    user = db.query(User).filter(User.email == email).first()
+    if not user:
+        raise HTTPException(status_code=404, detail="User not found")
+
+    # Generate a verification token
+    verification_token = generate_verification_token(email)
+
+    # Send a verification email with a password reset link
+    reset_link = f"https://gregniuki-loginauth.hf.space/reset-password?token={verification_token}"
+    send_verification_email(email, reset_link)
+
+    return {"message": "Password reset link sent if the email is registered with us."}
+
+@app.post("/reset-password")
+async def reset_password(token: str, new_password: str, db: Session = Depends(get_db)):
+    user = get_user_by_verification_token(db, token)
+    if not user:
+        raise HTTPException(status_code=400, detail="Invalid or expired token")
+
+    # Hash the new password
+    hashed_password = auth_views.pwd_context.hash(new_password)
+
+    # Update the user's password
+    user.hashed_password = hashed_password
+    user.email_verification_token = None  # Clear the token
+    db.commit()
+
+    return {"message": "Password successfully reset."}
 #@app.get("/protected", response_class=HTMLResponse)
 #async def get_protected(request: Request, token: Optional[str] = None, db: Session = Depends(get_db)):
     # Try to get the token from the query parameter first, then fall back to the cookie