End-to-end integration test for the full reset loop.
- Request reset → capture the email via Mailpit's REST API (
/api/v1/messages) → extract the token → call the reset endpoint → assert the password changed and the token is single-use.
- Use Testcontainers (PostgreSQL + Mailpit) where feasible.
End-to-end integration test for the full reset loop.
/api/v1/messages) → extract the token → call the reset endpoint → assert the password changed and the token is single-use.