diff --git a/api/src/modules/auth/authentication.controller.ts b/api/src/modules/auth/authentication.controller.ts
index d9115034..e21c258d 100644
--- a/api/src/modules/auth/authentication.controller.ts
+++ b/api/src/modules/auth/authentication.controller.ts
@@ -76,7 +76,7 @@ export class AuthenticationController {
 authContract.requestPasswordRecovery,
 async ({ body: { email } }) => {
 await this.commandBus.execute(
- new RequestPasswordRecoveryCommand(email),
+ new RequestPasswordRecoveryCommand(email, origin),
 );
 return {
 body: null,
diff --git a/api/src/modules/auth/commands/request-password-recovery.command.ts b/api/src/modules/auth/commands/request-password-recovery.command.ts
index 32ad4cab..6528baf5 100644
--- a/api/src/modules/auth/commands/request-password-recovery.command.ts
+++ b/api/src/modules/auth/commands/request-password-recovery.command.ts
@@ -1,3 +1,6 @@
 export class RequestPasswordRecoveryCommand {
- constructor(public readonly email: string) {}
+ constructor(
+ public readonly email: string,
+ public readonly origin: string,
+ ) {}
 }
diff --git a/api/src/modules/users/users.service.ts b/api/src/modules/users/users.service.ts
index 783f77a5..a8a542bb 100644
--- a/api/src/modules/users/users.service.ts
+++ b/api/src/modules/users/users.service.ts
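Review bot: In authentication.controller.ts the new argument `origin` is not one of the names the visible handler destructures (`async ({ body: { email } }) =>`), so it has to come from a scope outside this hunk; if it is the request's `Origin` header, it is caller-controlled. RequestPasswordRecoveryCommand (second file in this diff) stores it as a plain `string`, and presumably the recovery e-mail link is built from it, which would let whoever submits the request choose the host a victim's reset link points to. Check it against the deployment's configured front-end origins before building the command, e.g. `if (!ALLOWED_ORIGINS.includes(origin)) throw new BadRequestException();` (`ALLOWED_ORIGINS` is a placeholder for the project's own setting), or take the base URL from configuration instead of the request. The handler body continues outside the hunk.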
@@ -1,13 +1,17 @@ -import { ConflictException, Injectable } from '@nestjs/common'; +import { + ConflictException, + Injectable, + UnauthorizedException, +} from '@nestjs/common'; import { InjectRepository } from '@nestjs/typeorm'; import { User } from '@shared/entities/users/user.entity'; import { Repository } from 'typeorm'; -import * as bcrypt from 'bcrypt'; import { AppBaseService } from '@api/utils/app-base.service'; import { CreateUserDto } from '@shared/dtos/users/create-user.dto'; import { UpdateUserDto } from '@shared/dtos/users/update-user.dto'; import { AppInfoDTO } from '@api/utils/info.dto'; +import { RequestEmailUpdateDto } from '@shared/dtos/users/request-email-update.dto'; @Injectable() export class UsersService extends AppBaseService< User, @@ -31,7 +35,7 @@ export class UsersService extends AppBaseService< return this.userRepository.findOne({ where: { email } }); } - async createUser(newUser: Partial) { + async saveUser(newUser: Partial) { const existingUser = await this.findByEmail(newUser.email); if (existingUser) { throw new ConflictException(`Email ${newUser.email} already exists`); @@ -39,11 +43,6 @@ export class UsersService extends AppBaseService< return this.userRepository.save(newUser); } - async saveNewHashedPassword(user: User, newPassword: string) { - user.password = await bcrypt.hash(newPassword, 10); - return this.userRepository.save(user); - } - async delete(user: User) { return this.userRepository.remove(user); } @@ -52,4 +51,11 @@ export class UsersService extends AppBaseService< const user = await this.userRepository.findOneBy({ id }); return user.isActive; } + + async requestEmailUpdate(user: User, dto: RequestEmailUpdateDto) { + const { email, newEmail } = dto; + if (user.email !== email) { + throw new UnauthorizedException(); + } + } }
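Review bot: In the last hunk of users.service.ts, `requestEmailUpdate` destructures `newEmail` but never uses it, and on the success path the method resolves to `undefined` without persisting or sending anything, so as written it only checks that `dto.email` matches the stored address. If this is a staged stub, say so in a comment such as `// TODO: issue a confirmation token to newEmail; do not change user.email until it is confirmed`. When the body is filled in, reject an address that already belongs to another account with the `findByEmail` lookup that `saveUser` uses, and make the change take effect only after the new address is confirmed.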