Issue #275 has been updated by Clément Oudot. % Done changed from 0 to 30
Token expiration done in #290. This issue mentions two other features: * Password complexity: number of different characters types (upper, lower, digit, special) required * Email notification when password is changed ---------------------------------------- Feature #275: Added a couple of features http://tools.lsc-project.org/issues/275 Author: Jason Shugart Status: Assigned Priority: Normal Assigned to: Clément Oudot Category: Self Service Password Target version: self-service-password-0.5 I ran across the Self Service Password tool and really liked it. However, there were a couple of items that I thought might be useful. I coded the changes and have tested them a bit. Feel free to adjust as needed to throw out entirely. My changes: 1. Email notification whenever your password is changed. I added a $notify_on_change to the config, and if true sends an email to the user letting them know their password was changed. 2. Added a $mail_from variable to the config. This way any emails will have a valid return address. 3. Token expiration The previous code could potentially allow someone else to reset your password if they found the link in their email. I added an expiration time (default to 60 seconds) so any request after the 60 seconds to change the password will result in an invalid token. 4. Added a complex password check Much like the windows complexity check for 3 of the 4 character types (upper, lower, digits, special). 5. Fixed a couple of bugs in the check_password_strength function calls I'll attach the patch files. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
_______________________________________________ ltb-dev mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-dev
