requestTokenToResetPasswordEmail method

Future<RequestTokenResponse> requestTokenToResetPasswordEmail(
  1. String clientSecret,
  2. String email,
  3. int sendAttempt, {
  4. String? nextLink,
  5. String? idAccessToken,
  6. String? idServer,
})

The homeserver must check that the given email address is associated with an account on this homeserver. This API should be used to request validation tokens when authenticating for the /account/password endpoint.

This API's parameters and response are identical to that of the /register/email/requestToken endpoint, except that M_THREEPID_NOT_FOUND may be returned if no account matching the given email address could be found. The server may instead send an email to the given address prompting the user to create an account. M_THREEPID_IN_USE may not be returned.

The homeserver should validate the email itself, either by sending a validation email itself or by using a service it has control over.

clientSecret A unique string generated by the client, and used to identify the validation attempt. It must be a string consisting of the characters [0-9a-zA-Z.=_-]. Its length must not exceed 255 characters and it must not be empty.

email The email address to validate.

nextLink Optional. When the validation is completed, the identity server will redirect the user to this URL. This option is ignored when submitting 3PID validation information through a POST request.

sendAttempt The server will only send an email if the send_attempt is a number greater than the most recent one which it has seen, scoped to that email + client_secret pair. This is to avoid repeatedly sending the same email in the case of request retries between the POSTing user and the identity server. The client should increment this value if they desire a new email (e.g. a reminder) to be sent. If they do not, the server should respond with success but not resend the email.

idAccessToken An access token previously registered with the identity server. Servers can treat this as optional to distinguish between r0.5-compatible clients and this specification version.

Required if an id_server is supplied.

idServer The hostname of the identity server to communicate with. May optionally include a port. This parameter is ignored when the homeserver handles 3PID verification.

This parameter is deprecated with a plan to be removed in a future specification version for /account/password and /register requests.

Implementation

Future<RequestTokenResponse> requestTokenToResetPasswordEmail(
  String clientSecret,
  String email,
  int sendAttempt, {
  String? nextLink,
  String? idAccessToken,
  String? idServer,
}) async {
  final requestUri =
      Uri(path: '_matrix/client/v3/account/password/email/requestToken');
  final request = Request('POST', baseUri!.resolveUri(requestUri));
  request.headers['content-type'] = 'application/json';
  request.bodyBytes = utf8.encode(
    jsonEncode({
      'client_secret': clientSecret,
      'email': email,
      if (nextLink != null) 'next_link': nextLink,
      'send_attempt': sendAttempt,
      if (idAccessToken != null) 'id_access_token': idAccessToken,
      if (idServer != null) 'id_server': idServer,
    }),
  );
  final response = await httpClient.send(request);
  final responseBody = await response.stream.toBytes();
  if (response.statusCode != 200) unexpectedResponse(response, responseBody);
  final responseString = utf8.decode(responseBody);
  final json = jsonDecode(responseString);
  return RequestTokenResponse.fromJson(json as Map<String, Object?>);
}