feat: implement forgot password, added security updates

web/src/api/auth.ts

@@ -0,0 +1,36 @@
+import { http } from "./http";
+
+export type ForgotPasswordRequestPayload = {
+  email: string;
+};
+
+export type ForgotPasswordRequestResponse = {
+  ok: true;
+  message: string;
+};
+
+export type ForgotPasswordConfirmPayload = {
+  uid: string;
+  token: string;
+  newPassword: string;
+};
+
+export type ForgotPasswordConfirmResponse = {
+  ok: true;
+};
+
+export function requestForgotPassword(payload: ForgotPasswordRequestPayload) {
+  return http<ForgotPasswordRequestResponse>("/auth/forgot-password/request", {
+    method: "POST",
+    body: payload,
+    skipAuthRedirect: true,
+  });
+}
+
+export function confirmForgotPassword(payload: ForgotPasswordConfirmPayload) {
+  return http<ForgotPasswordConfirmResponse>("/auth/forgot-password/confirm", {
+    method: "POST",
+    body: payload,
+    skipAuthRedirect: true,
+  });
+}