Allow user to change their own password #85

perigrin · 2020-11-23T20:30:37Z

Allow the user to change their own password so that when a password reset is issued or they simply want to change their password they can.

karenetheridge · 2020-11-23T20:56:29Z

Note that when a user logs in and their user account is marked "must change password immediately", the POST /login includes a Location header of /user/me/password?clear_tokens=none (yes this is a lame way of indicating this.. but we have no 'GET /change_my_password' web page to redirect the user to in response), and the next request that comes from that authenticated user must be to POST /user/me/password to change the password, and it must occur within the next 10 minutes. The right thing to do in the shell here, after logging in and this response is received, is to issue another password prompt and then do the second POST to update the password.

perigrin added the enhancement New feature or request label Nov 23, 2020

perigrin added this to the 3.4 milestone Nov 23, 2020

perigrin self-assigned this Nov 23, 2020

perigrin removed this from the 3.4 milestone Dec 7, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Allow user to change their own password #85

Allow user to change their own password #85

perigrin commented Nov 23, 2020

karenetheridge commented Nov 23, 2020

Allow user to change their own password #85

Allow user to change their own password #85

Comments

perigrin commented Nov 23, 2020

karenetheridge commented Nov 23, 2020