SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

Hey guys ! 
Is there a way to validate the reset-password token (/auth/user/password/reset)  without actually resetting the password
We'd like to display a reset password form only if the token is valid

hey <@1028977947522121820> this is interesting..

so you could override the createPasswordResetToken recipe function on the backend to call the original implementation first, which would return a token. 

Then you save the token in your db before returning it from the function

Then you can make an API on your backend which takes in a password reset token and checks if it exists in your db. If it does, it's valid.

Finally, you want to remove that password reset token from your db after a certain amount of time, or if it's successfully consumed