[Yanel-dev] thoughts on forgotten password handling (thru E-mail)
Guillaume Déflache
guillaume.deflache at wyona.com
Tue Jun 16 19:28:38 CEST 2009
Hi!
I prefer writing them here instead of in the bug to ease preliminary
discussions, but please also cf.
http://bugzilla.wyona.com/cgi-bin/bugzilla/show_bug.cgi?id=7164
Synopsis:
- provide a page where the unfortunate user can enter his E-mail address
and login (in the general case that is, for some projects login may be
guessable by searching among users for the given E-mail address, but I
am not sure they are always relatable)
- confirming the form should send a (plain text) E-mail containing a
confirmation URL with a secret token (e.g. MD5 hash) and a
human-readable deadline date for visiting the URL
- going to that URL within a (configurable) amount of time
(corresponding to the above deadline) should allow the user to enter a
new password as usual (we'd better not set the password automatically
for him since this involves showing it on the screen in some way, and he
may as well forget this new, foreign one anyway)
- confirming that form would then change the password
Implementation thoughts:
- the whole implementation should be contained in a single RT directory
(e.g. "password-reset-thru-Email") for easy integration
- we may not need 2 resource-types there: "reset-password" for the
initial page, "reset-password?token=0b8d407b-cfb3-45c0-b37a-5d7c3a6c8f70"
for the linked page
- secret-token/login/E-mail-address/deadline-date tuples need to be
stored somewhere
  - we could do that in memory as losing them is not a big deal: users
  can request a password reset anew in case of server restarts
  - but then isn't that an issue for clustering? we would have to
  direct the user to the same cluster node where he issued the original
  request
- we might be able to reuse the original code and UI for the second form
and following action as it should be similar to the change-password use-case
- TODO: see if we could/already share the SMTP config globally in Yanel
with other RTs ("contact" comes to mind)
- TODO: see how to segregate that work cleanly from other (non-password
based) authentication schemes, e.g. OpenID which is already (almost)
supported
- TODO: there may be other ways than E-mail to check the user's identity
(sending an SMS), so better take that into account when naming and in
general designing stuff!
WDYT?
Cheers,
Guillaume
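The token/store/deadline part of the flow sketched above, as an added example that is not part of the post and not Yanel code (Python rather than Yanel's Java, so it runs stand-alone). It keeps the post's in-memory tuple store, which means the clustering concern raised above still applies. Two points differ from the sketch and are this example's own choices: the token comes from a CSPRNG rather than an MD5 hash, so it cannot be derived from the login or E-mail address, and only a SHA-256 digest of the token is kept server-side, so a leaked store or log line does not yield a usable reset link. The base URL, the 2-hour default lifetime and the timestamps are placeholders.

```python
import hashlib
import secrets
from datetime import datetime, timedelta

# In-memory store as proposed in the post: token-digest -> (login, email, deadline).
# Only a digest of the token is stored; the cleartext token exists only in the mail.
_pending = {}

TOKEN_TTL = timedelta(hours=2)  # assumed default; the post wants this configurable
BASE_URL = "https://example.invalid/reset-password"  # placeholder, not a Yanel URL


def _digest(token: str) -> str:
    return hashlib.sha256(token.encode("ascii")).hexdigest()


def issue_reset(login: str, email: str, now: datetime, ttl: timedelta = TOKEN_TTL):
    """Create a one-time reset token for `login`; return (token, deadline).

    secrets.token_urlsafe gives 256 bits of randomness in a URL-safe string,
    so the link is not guessable from anything the attacker knows about the user.
    """
    token = secrets.token_urlsafe(32)
    deadline = now + ttl
    _pending[_digest(token)] = (login, email, deadline)
    return token, deadline


def reset_mail_body(login: str, token: str, deadline: datetime) -> str:
    """Plain-text mail body with the confirmation URL and a human-readable deadline."""
    url = f"{BASE_URL}?token={token}"
    return (
        f"Hello {login},\n\n"
        "A password reset was requested for your account. To choose a new\n"
        f"password, visit the link below before {deadline:%Y-%m-%d %H:%M} (server time):\n\n"
        f"    {url}\n\n"
        "If you did not request this, you can ignore this message.\n"
    )


def redeem(token: str, now: datetime):
    """Return the login for a valid, unexpired token and invalidate it; else None.

    The entry is removed on first use, so a link cannot be replayed, and an
    expired entry is removed too rather than lingering in memory.
    """
    entry = _pending.pop(_digest(token), None)
    if entry is None:
        return None
    login, _email, deadline = entry
    if now > deadline:
        return None
    return login


def purge_expired(now: datetime) -> int:
    """Drop entries whose deadline has passed; return how many were removed."""
    stale = [k for k, (_l, _e, deadline) in _pending.items() if now > deadline]
    for k in stale:
        del _pending[k]
    return len(stale)


def run_demo():
    """Walk through the whole flow on constructed data; return the outcomes."""
    t0 = datetime(2009, 6, 16, 19, 28)  # constructed request time
    token, deadline = issue_reset("alice", "alice@example.invalid", t0)
    body = reset_mail_body("alice", token, deadline)
    first = redeem(token, t0 + timedelta(minutes=30))   # within the deadline
    second = redeem(token, t0 + timedelta(minutes=31))  # same link used again
    late_token, _ = issue_reset("bob", "bob@example.invalid", t0)
    late = redeem(late_token, t0 + TOKEN_TTL + timedelta(seconds=1))  # too late
    return {
        "mail_body": body,
        "mail_has_token": token in body,
        "first": first,
        "second": second,
        "late": late,
        "unknown": redeem("not-a-token", t0),
        "left_over": len(_pending),
    }


if __name__ == "__main__":
    print(run_demo())
```

The `redeem` function answers the "going to that URL within a (configurable) amount of time" step; the resource that handles the linked page would call it and, on a non-`None` result, show the usual change-password form for that login.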