Hello list, On Sun, Sep 21, 2008 at 8:23 AM, Samuel Murray (Groenkloof) <[EMAIL PROTECTED]> wrote: > Israel Saeta Pérez wrote: > >> The automated process could be: >> 1) The user clicks the "I've lost my password" link and enter his username. >> 2) A random password reset hash code is generated and associated to >> the user_id and the current date in a (special) table. >> 3) The hash code is sent to the user's email. >> 4) The user access a special URL with the code in it, like >> http://example.org/passwordrecovery/ahx4bFj84DjunX0hax0r, in less than >> 24h. >> 5) The user sets his new password. > > I have no objection to this method, or any other method, but who would > be coding it? The problem with such elegant solutions is that they > require extensive coding. This is the reason for my temporary solution > -- it requires only a few simple changes to the HTML templates, and > perhaps one static HTML file.
I totally agree: the first inmediate thing to tackle would be the mail-to-admin solution, since it looks really easy to implement and later the automatic method, only if somebody is keen on implementing it. Unfortunately I've never touched a line of jToolkit but I have some SQLAlchemy an Python skills, if it helps. > Pootle currently requires activation of an account. This is not ideal, > IMO, because the user must remember what password he had chosen when he > registered. The act of activation does not automatically log in the > user. The user must also remember his username. This may seem a > trivial thing, but looking at the HTTP logs I can tell you that new > users often get their usernames wrong the first time they try to log in > (and I can only wonder how many users we lose because of that). A > common problem is capitalisation (as user names are case-sensitive). Isn't his username mentioned in the activation email? Or there isn't any activation email? Sorry for so newbie question. Anyways, I guess the login function could be hacked to accept email addresses instead of usernames too. > If there is going to be extensive coding, perhaps we should look at the > whole issue of registration and not just lost passwords. Why not? But I don't know how high is this in the Pootle development priority list. -- Israel ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Translate-pootle mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/translate-pootle
