@spec change_user(Plug.Conn.t(), map()) :: map()

Creates a changeset from the user fetched in the connection.

@spec create_reset_token(Plug.Conn.t(), map()) ::
  {:ok, map(), Plug.Conn.t()} | {:error, map(), Plug.Conn.t()}

Finds a user for the provided params, creates a token, and stores the user for the token.

The returned :token is signed for public consumption using Pow.Plug.sign_token/4. Additionally Pow.UUID.generate/0 is called whether the user exists or not to prevent timing attacks.

:reset_password_token_store can be passed in the config for the conn. This value defaults to {PowResetPassword.Store.ResetTokenCache, backend: Pow.Store.Backend.EtsCache}. The Pow.Store.Backend.EtsCache backend store can be changed with the :cache_store_backend option.

@spec load_user_by_token(Plug.Conn.t(), binary()) ::
  {:ok, Plug.Conn.t()} | {:error, Plug.Conn.t()}

Verifies the signed token and fetches user from store.

If a user is found, it'll be assigned to conn.assigns for key :reset_password_user.

A :pow_reset_password_decoded_token key will be assigned in conn.private with the decoded token. This is used to invalidate the token when calling update_user_password/2.

The token will be decoded and verified with Pow.Plug.verify_token/4.

See create_reset_token/2 for more on :reset_password_token_store config option.

@spec update_user_password(Plug.Conn.t(), map()) ::
  {:ok, map(), Plug.Conn.t()} | {:error, map(), Plug.Conn.t()}

Updates the password for the user fetched in the connection.

The user should exist in conn.assigns for key :reset_password_user and the decoded token in conn.private for key :pow_reset_password_decoded_token. load_user_by_token/2 will ensure this.

See create_reset_token/2 for more on :reset_password_token_store config option.