SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

change password validation:
Hi guys! i'm implementing change password flow according to your docs, and i've noticed that there is no validation for the new password as with signUp (no errors like "Password must contain at least one alphabet", etc.)
How this can be achieved? Really don't want to re-implement this feature.
And do you have plans to include change password into your middleware? I think it actually should be there...

Also would be nice to send email confirmation on password change.

Hey <@1079847195353808997> this is a known issue. We will be changing the function to add password validation to the `updateEmailOrPassword` function as well.

But until then, you will have to reimplement the password policy for this custom API.