Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.younegotiate.com/llms.txt

Use this file to discover all available pages before exploring further.

Real-World Example

Sarah works for ABC Collections and forgets her password. She opens the Forgot Password page and enters her work email address. If that email belongs to a creditor user, the system sends a password reset link. Sarah opens the link, enters a new password, confirms it, and saves. The next time she logs in, the old password should no longer work and the new password should work.

Visual Flow

How It Should Work

  • The user should request a password reset using their registered email address.
  • The reset flow should send a reset link when the account exists and the request is allowed.
  • The reset page should require a new password and confirmation.
  • The new password should follow the system’s password rules.
  • After reset, the user should be able to log in with the new password.

How It Should Not Work

  • It should not reset a password without a valid reset request.
  • It should not accept a weak or unconfirmed new password.
  • It should not reveal private account details during the reset request.
  • It should not allow unlimited reset requests in a short period.

Developer Notes

  • Protect login, registration, verification, and password reset redirects from sending users to the wrong portal state.
  • Any new auth path should preserve creditor company ownership and email verification behavior.
  • routes/creditor/auth.php
  • app/Livewire/Creditor/Auth
Last modified on May 25, 2026