On 23/07/15 15:53, Mads Kiilerich wrote: > On 07/19/2015 03:35 PM, Andrew Shadura wrote: >> # HG changeset patch >> # User Andrew Shadura <[email protected]> >> # Date 1431821238 -7200 >> # Sun May 17 02:07:18 2015 +0200 >> # Node ID 98cb64feddfb89f106f66763462061fd2ca3f412 >> # Parent f103b1a2383bc4fba5d28f9732ba832025e3bf00 >> secure password reset implementation > > A couple of other things:
> It should make sure it doesn't go too far with changing passwords when > using external authentication (but also not reveal too much information > too early). (I guess it would be nice if each authentication module had > a customizable "tell the user how to change the password" string...) Right, I have to fix this. > The user is redirected to a " Code you received in the email" page ... > but the mail only contains a URL - no mentioning of any code. Could you please check once more? Because it's one of the things I have fixed in this revision of the patch. -- Cheers, Andrew _______________________________________________ kallithea-general mailing list [email protected] http://lists.sfconservancy.org/mailman/listinfo/kallithea-general
