update ip

docs/pages/api-reference/js/main/Faroe/createUserEmailUpdateRequest.md

@@ -14,16 +14,14 @@ Creates a new email verification request for a user. This can only be called 3 t
 //$ $$FaroeEmailUpdateRequest=/api-reference/js/main/$$FaroeEmailUpdateRequest
 async function createUserEmailUpdateRequest(
     userId: string,
-    email: string,
-	clientIP: string | null
+    email: string
 ): Promise<$$FaroeEmailUpdateRequest>
 ```
 
 ### Parameters
 
 - `userId`
 - `email`: A valid email address.
-- `clientIP`
 
 ## Error codes
 

docs/pages/api-reference/js/main/Faroe/createUserEmailVerificationRequest.md

@@ -13,15 +13,13 @@ Creates a new email verification request for a user. This can only be called 3 t
 ```ts
 //$ FaroeUserEmailVerificationRequest=/api-reference/js/main/FaroeUserEmailVerificationRequest
 async function createUserEmailVerificationRequest(
-    userId: string,
-	clientIP: string | null
+    userId: string
 ): Promise<$$FaroeUserEmailVerificationRequest>
 ```
 
 ### Parameters
 
 - `userId`
-- `clientIP`
 
 ## Error codes
 

docs/pages/api-reference/js/main/Faroe/deleteUserTOTPCredential.md

@@ -12,15 +12,13 @@ Deletes a user's TOTP credential. Deleting a non-existent credential will not re
 
 ```ts
 async function deleteUserTOTPCredential(
-    userId: string,
-    clientIP: string
+    userId: string
 ): Promise<void>
 ```
 
 ### Parameters
 
 - `userId`
-- `clientIP`
 
 ## Error codes
 

docs/pages/api-reference/js/main/Faroe/regenerateUserRecoveryCode.md

@@ -12,15 +12,13 @@ Regenerates a user's recovery code and returns the new recovery code.
 
 ```ts
 async function regenerateUserRecoveryCode(
-    userId: string,
-    clientIP: string | null
+    userId: string
 ): Promise<string>
 ```
 
 ### Parameters
 
 - `userId`
-- `clientIP`
 
 ## Error codes
 

docs/pages/api-reference/js/main/Faroe/resetUser2FA.md

@@ -14,16 +14,14 @@ Resets a user's second factors using a recovery code and returns a new recovery
 ```ts
 async function resetUser2FA(
     userId: string,
-    recoveryCode: string,
-    clientIP: string | null
+    recoveryCode: string
 ): Promise<string>;
 ```
 
 ## Parameters
 
 - `userId`
 - `recoveryCode`
-- `clientIP`
 
 ## Error codes
 

docs/pages/api-reference/js/main/Faroe/resetUserPassword.md

@@ -11,13 +11,18 @@ Resets a user's password with a password reset request.On validation, it will ma
 ## Definition
 
 ```ts
-async function resetUserPassword(requestId: string, password: string): Promise<void>
+async function resetUserPassword(
+    requestId: string,
+    password: string,
+    clientIP: string | null
+): Promise<void>
 ```
 
 ### Parameters
 
 - `request_id`: A valid password reset request ID.
 - `password`: A new valid password. A valid password. Password strength is determined by checking it aginst past data leaks using the [HaveIBeenPwned API](https://haveibeenpwned.com/API/v3#PwnedPasswords).
+- `clientIP`
 
 ## Error codes
 

docs/pages/api-reference/js/main/Faroe/updateUserEmail.md

@@ -13,14 +13,13 @@ The update request is immediately invalidated after the 5th failed attempt.
 ## Definition
 
 ```ts
-function updateUserEmail(requestId: string, code: string, clientIP: string): Promise<string>;
+function updateUserEmail(requestId: string, code: string): Promise<string>;
 ```
 
 ## Parameters
 
 - `requestId`: A valid email update request ID.
 - `code`: The verification code of the request.
-- `clientIP`
 
 ## Error codes
 

docs/pages/api-reference/js/main/Faroe/verifyUser2FAWithTOTP.md

@@ -11,16 +11,13 @@ Verifies a user's TOTP code. The user will be locked out from using TOTP as thei
 ## Definition
 
 ```ts
-async function verifyUser2FAWithTOTP(
-    code: string,
-    clientIP: string | null
-): Promise<void>
+async function verifyUser2FAWithTOTP(userId: string, code: string): Promise<void>
 ```
 
 ### Parameters
 
+- `userId`
 - `code`: The TOTP code.
-- `clientIP`
 
 ## Error codes
 

docs/pages/api-reference/js/main/Faroe/verifyUserEmail.md

@@ -11,18 +11,13 @@ Verifies and updates a user's email with the user's email verification request c
 ## Definition
 
 ```ts
-async function verifyUserEmail(
-    userId: string,
-    code: string,
-    clientIP: string | null
-): Promise<void>
+async function verifyUserEmail(userId: string, code: string): Promise<void>
 ```
 
 ### Parameters
 
 - `userId`
 - `code`: The one-time code of the email verification request.
-- `clientIP`
 
 ## Error codes
 

docs/pages/api-reference/rest/endpoints/post_authenticate_password.md

@@ -12,17 +12,17 @@ POST https://your-domain.com/authenticate/password
 
 ## Request body
 
-All fields are required.
-
 ```ts
 {
     "email": string,
-    "password": string
+    "password": string,
+    "client_ip": string
 }
 ```
 
-- `email`: A valid email address.
-- `password`: A valid password.
+- `email` (required): A valid email address.
+- `password` (required): A valid password.
+- `client_ip`: The client's IP address. If included, it will rate limit the endpoint based on it.
 
 ### Example
 

docs/pages/api-reference/rest/endpoints/post_password-reset-requests.md

@@ -14,21 +14,22 @@ POST https://your-domain.com/password-reset-requests
 
 ## Request body
 
-All fields are required.
-
 ```ts
 {
-    "email": string
+    "email": string,
+    "client_ip": string
 }
 ```
 
-- `email`
+- `email` (required): A valid email address.
+- `client_ip`: The client's IP address. If included, it will rate limit the endpoint based on it.
 
 ### Example
 
 ```json
 {
-    "email": "[email protected]"
+    "email": "[email protected]",
+    "client_ip": "0.0.0.0"
 }
 ```
 

docs/pages/api-reference/rest/endpoints/post_password-reset-requests_requestid_verify-email.md

@@ -14,21 +14,22 @@ POST https://your-domain.com/password-reset-requests/REQUEST_ID/verify-email
 
 ## Request body
 
-All fields are required.
-
 ```ts
 {
-    "code": string
+    "code": string,
+    "client_ip": string
 }
 ```
 
-- `code`: The email verification code for the password reset request.
+- `code` (required): The email verification code for the password reset request.
+- `client_ip`: The client's IP address. If included, it will rate limit the endpoint based on it.
 
 ### Example
 
 ```json
 {
-    "code": "9TW45AZU"
+    "code": "9TW45AZU",
+    "client_ip": "0.0.0.0"
 }
 ```
 

docs/pages/api-reference/rest/endpoints/post_reset-password.md

@@ -12,17 +12,17 @@ POST /reset-password
 
 ## Request body
 
-All fields are required.
-
 ```ts
 {
     "request_id": string,
-    "password": string
+    "password": string,
+    "client_ip": string
 }
 ```
 
-- `request_id`: A valid password reset request ID.
-- `password`: A valid password. Password strength is determined by checking it aginst past data leaks using the [HaveIBeenPwned API](https://haveibeenpwned.com/API/v3#PwnedPasswords).
+- `request_id` (required): A valid password reset request ID.
+- `password` (required): A valid password. Password strength is determined by checking it aginst past data leaks using the [HaveIBeenPwned API](https://haveibeenpwned.com/API/v3#PwnedPasswords).
+- `client_ip`: The client's IP address. If included, it will rate limit the endpoint based on it.
 
 ## Successful response
 

docs/pages/api-reference/rest/endpoints/post_users.md

@@ -14,24 +14,25 @@ POST https://your-domain.com/users
 
 ## Request body
 
-All fields are required.
-
 ```ts
 {
     "email": string,
-    "password": string
+    "password": string,
+    "client_ip": string
 }
 ```
 
-- `email`: A valid email address.
-- `password`: A valid password. Password strength is determined by checking it aginst past data leaks using the [HaveIBeenPwned API](https://haveibeenpwned.com/API/v3#PwnedPasswords).
+- `email` (required): A valid email address.
+- `password` (required): A valid password. Password strength is determined by checking it aginst past data leaks using the [HaveIBeenPwned API](https://haveibeenpwned.com/API/v3#PwnedPasswords).
+- `client_ip`: The client's IP address. If included, it will rate limit the endpoint based on it.
 
 ### Example
 
 ```json
 {
     "email": "[email protected]",
-    "password": "48n2r3tnaqp"
+    "password": "48n2r3tnaqp",
+    "client_ip": "0.0.0.0"
 }
 ```
 

docs/pages/api-reference/rest/endpoints/post_users_userid_update-password.md

@@ -0,0 +1,47 @@
+---
+title: "POST /users/[user_id]/update-password"
+---
+
+# POST /users/[user_id]/update-password
+
+Updates a user's password.
+
+```
+POST https://your-domain.com/users/USER_ID/update-password
+```
+
+## Request body
+
+```ts
+{
+    "password": string,
+    "new_password": string,
+    "client_ip": string
+}
+```
+
+- `password` (required): The current password.
+- `new_password` (required): A valid password. Password strength is determined by checking it aginst past data leaks using the [HaveIBeenPwned API](https://haveibeenpwned.com/API/v3#PwnedPasswords).
+- `client_ip`: The client's IP address. If included, it will rate limit the endpoint based on it.
+
+### Example
+
+```json
+{
+    "password": "48n2r3tnaqp",
+    "new_password": "a83ri1lw2aw",
+    "client_ip": "0.0.0.0"
+}
+```
+
+## Successful response
+
+No response body (204).
+
+## Error codes
+
+- [400] `INVALID_DATA`: Invalid request data.
+- [400] `WEAK_PASSWORD`: The password is too weak.
+- [400] `TOO_MANY_REQUESTS`: Exceeded rate limit.
+- [404] `NOT_FOUND`: The user does not exist.
+- [500] `UNKNOWN_ERROR`