Skip to content
This repository has been archived by the owner on Nov 23, 2022. It is now read-only.

Beginnings of password reset #80

Merged
merged 9 commits into from
Dec 20, 2021
Merged

Beginnings of password reset #80

merged 9 commits into from
Dec 20, 2021

Conversation

randomairborne
Copy link
Contributor

This needs to be made more robust, please review it.

Signed-off-by: valkyrie_pilot [email protected]

@randomairborne
Beginnings of password reset
72d532e 
Signed-off-by: valkyrie_pilot <[email protected]>
@randomairborne randomairborne self-assigned this Dec 19, 2021
@randomairborne randomairborne requested a review from a team as a code owner December 19, 2021 01:41
@hydrostaticcog
Copy link
Member

Is this designed to be a Forgot my password? or a way to change your password?

@randomairborne
Copy link
Contributor Author

Forgot my password. I can add another endpoint to simply check if you are who you are and then change your password, that's much simpler

hydrostaticcog
hydrostaticcog suggested changes Dec 19, 2021
View reviewed changes
Copy link
Member

@hydrostaticcog hydrostaticcog left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Design is flawed. User should verify their intent via email, then change their password

tazz4843
tazz4843 suggested changes Dec 19, 2021
View reviewed changes
@tazz4843
Copy link
Member

I can add another endpoint to simply check if you are who you are and then change your password, that's much simpler

That already exists under edit_user, so this password reset would just be for forgot password yes.

Design is flawed. User should verify their intent via email, then change their password

The two of us talked about it in DMs, and she brought up some good points about it. This design is a bit weird yes, but I agreed it's good.

@randomairborne
Copy link
Contributor Author

Basically, we don't want to host a browser-oriented webpage on the API. Nothing with, say, an interface for changing your password. I do plan to remove the authorization requirement, so this can work as a forgot my password.

@hydrostaticcog hydrostaticcog added the enhancement New feature or request label Dec 19, 2021
hydrostaticcog
hydrostaticcog approved these changes Dec 20, 2021
View reviewed changes
Copy link
Member

@hydrostaticcog hydrostaticcog left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Works as intended on endeavourOS Linux x86-64 (kernel 5.14.12)

@tazz4843 tazz4843 merged commit 8a0ca96 into FerrisChat:develop Dec 20, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@tazz4843 tazz4843 tazz4843 approved these changes

@hydrostaticcog hydrostaticcog hydrostaticcog approved these changes

Assignees

@randomairborne randomairborne

Labels
API enhancement New feature or request
Projects
No open projects
v1
Status: Completed
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@randomairborne @hydrostaticcog @tazz4843