API for password recovery (#288)

Activities

wojciech.kapcia@tigase.net opened 1 decade ago

Create API providing means of validating addresses as well as password recovery. Underlying schema comprising of addresses should be as follows:

Schema: (jid, id, protocol, address, time, validated)
jid = foreign key to tig_users
id = BASE64(SHA256(jid, protocol, address, time, random))
protocol = protocol used to validate the account (np. mail,xmpp,itp)
address = address used to validate the account (np. xyz@tigase.org)

Enabling verification should be configurable.

Artur Hefczyc commented 9 years ago

I see some work has been done for this already, is it completed yet?

wojciech.kapcia@tigase.net commented 9 years ago

Work was related mostly to specifying and started implementation of the API.

Artur Hefczyc commented 9 years ago

Let's postpone it for version 7.2 then

Andrzej Wójcik (Tigase) commented 7 years ago

Some parts of this task or subtasks were done during the development of password reset mechanism in task #6212. For now we support only email based password reset but existing mechanism can be extended when we will be working on this task.

wojciech.kapcia@tigase.net batch edited 6 months ago

Name	Previous Value	Current Value
Iterations	empty	Candidate for next major release

Type	New Feature
Priority	Blocker
Assignee	wojciech.kapcia@tigase.net
RedmineID	1748
Version	Candidate for next major release
Estimation	24h
Spent time	57h

Iterations

Candidate for next major release Open

#889 Closed

Changes in the authentication mechanism

Depend

Issue Votes (0)

Watchers (2)

Reference

tigase/_server/server-core#288