From e5cf9dff2e718a4ca88d4f9888686ec13db9118b Mon Sep 17 00:00:00 2001
From: Alex Dragovich <46065570+itsadrago@users.noreply.github.com>
Date: Mon, 9 Feb 2026 17:38:29 -0800
Subject: [PATCH] [PM-31497] use remove auth logic for remove password (#6929)

* [PM-31497] use remove auth logic for remove password

* [PM-31497] removing non-existent field
---
 src/Api/Tools/Controllers/SendsController.cs | 14 +-------------
 1 file changed, 1 insertion(+), 13 deletions(-)

diff --git a/src/Api/Tools/Controllers/SendsController.cs b/src/Api/Tools/Controllers/SendsController.cs
index 61002a0168..c04eae0904 100644
--- a/src/Api/Tools/Controllers/SendsController.cs
+++ b/src/Api/Tools/Controllers/SendsController.cs
@@ -387,19 +387,7 @@ public class SendsController : Controller
     [HttpPut("{id}/remove-password")]
     public async Task<SendResponseModel> PutRemovePassword(string id)
     {
-        var userId = _userService.GetProperUserId(User) ?? throw new InvalidOperationException("User ID not found");
-        var send = await _sendRepository.GetByIdAsync(new Guid(id));
-        if (send == null || send.UserId != userId)
-        {
-            throw new NotFoundException();
-        }
-
-        // This endpoint exists because PUT preserves existing Password/Emails when not provided.
-        // This allows clients to update other fields without re-submitting sensitive auth data.
-        send.Password = null;
-        send.AuthType = AuthType.None;
-        await _nonAnonymousSendCommand.SaveSendAsync(send);
-        return new SendResponseModel(send);
+        return await this.PutRemoveAuth(id);
     }
 
     // Removes ALL authentication (email or password) if any is present