API for password recovery (#288)

Activities

Wojciech Kapcia (Tigase) opened 1 decade ago

Create API providing means of validating addresses as well as password recovery. Underlying schema comprising of addresses should be as follows:

Schema: (jid, id, protocol, address, time, validated)
jid = foreign key to tig_users
id = BASE64(SHA256(jid, protocol, address, time, random))
protocol = protocol used to validate the account (np. mail,xmpp,itp)
address = address used to validate the account (np. xyz@tigase.org)

Enabling verification should be configurable.

Artur Hefczyc commented 9 years ago

I see some work has been done for this already, is it completed yet?

Wojciech Kapcia (Tigase) commented 9 years ago

Work was related mostly to specifying and started implementation of the API.

Artur Hefczyc commented 9 years ago

Let's postpone it for version 7.2 then

Andrzej Wójcik (Tigase) commented 7 years ago

Some parts of this task or subtasks were done during the development of password reset mechanism in task #6212. For now we support only email based password reset but existing mechanism can be extended when we will be working on this task.

Wojciech Kapcia (Tigase) batch edited 9 months ago

Name	Previous Value	Current Value
Iterations	empty	Candidate for next major release

Type	New Feature
Priority	Blocker
Assignee	Wojciech Kapcia (Tigase)
RedmineID	1748
Version	Candidate for next major release
Estimation	24h
Spent time	57h

Iterations

Candidate for next major release Open

#889 Closed

Changes in the authentication mechanism

Depend

Issue Votes (0)

Watchers (2)

Reference

tigase/_server/server-core#288