Skip to main content
IntentLang
← All examples

ResetPassword

examples/ResetPassword.intent

ResetPassword.intent
1# ResetPassword.intent
2# Draft IntentLang (v0). Illustrative only; there is no compiler yet.
3
4mission ResetPassword
5
6goal
7 Let a user securely reset their password
8
9why
10 A weak reset flow is a common path to account takeover.
11
12requires
13 verified email
14 reset token
15
16input
17 email: Email
18 token: ResetToken
19 newPassword: Secret
20
21output
22 result: PasswordResetResult
23
24constraints
25 token.ttl <= 15 minutes
26 password.minLength >= 12
27
28guarantees
29 token expires after 15 minutes
30 token can only be used once
31 password is never logged
32
33guarantee token can only be used once
34 because a reusable reset token is an account-takeover risk
35 verify test one time use
36
37never
38 log(newPassword)
39 return token
40
41target
42 DotNet
43
44style
45 ASP.NET Core
46 EntityFramework
47 BCrypt
48
49verify
50 test token expiration
51 test one time use
52 test password hash stored
53 test raw password not logged
Draft syntax. This file is illustrative and does not run yet.