I'd say submit a patch. These both sound like great ideas. -Nb
On 4/2/06 11:39 AM, "David Corbin" <[EMAIL PROTECTED]> wrote: > login_engine is good. But there are two things about that I "dislike". I've > been thinking of develop a patch for them, but I'd like some sense that the > patch goals are agreed with, and thus making it likely to be accepted? > > 1) Sending out the password in email is just plain bad. I know I can probably > replace the view, but I'd rather see it as an configuration option. > > 2) When a password is forgotten, a secondary authentication token is email to > the user. As near as I can tell, that authentication token does general > authentication, until it expires. I much prefer a model where that token is > necessary to change the password, and that's all it is good for. And when > the password is changed the token is invalidated. > > Should I make patch, or just fork it? > > David > _______________________________________________ > engine-users mailing list > [email protected] > http://lists.rails-engines.org/listinfo.cgi/engine-users-rails-engines.org ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Nathaniel S. H. Brown http://nshb.net ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ _______________________________________________ engine-users mailing list [email protected] http://lists.rails-engines.org/listinfo.cgi/engine-users-rails-engines.org
