Users need to be able to reset their password if they forget it.
How to do it:
A new message template is needed for the password-reset message
Create a user-pw-reset.py script which generates a reset-token (random number), renames the user's JSON storage file, and sends an e-mail to the user with instructions.
Ensure that hoipoi.js recognizes reset tokens and handles appropriately.
Add a method to hoipoi.js which invokes user-pw-reset.py
Create a basic user-interface
Discussion:
One of the main design principles of Hoi Poi is to keep the back-end scripts as minimal and simple as possible, both so they can be reimplemented in other languages and to prevent exploitable bugs in the server.
One way to solve this would be to implement PBKDF2 in the back-end and generate new, valid passwords - however that both duplicates critical functionality and increases the back-end dependencies and complexity significantly. Depending on the UI, this might also create temptation for users to simply use the reset token as a password long term, which means compromising their e-mail account would immediately and undetectably result in a compromise of their Hoi Poi account.
Instead, I propose that password-reset tokens simply be strongly random (generated by user-pw-reset.py) and be used directly in the JSON storage file name (instead of hashing with PBKDF2). The JavaScript log-in code should detect that a reset code was used and require the user to set a new password immediately (preferably offering to generate a strongly random one for the user). To further enforce this, the user-up.py script could be modified to refuse updates to JSON files which contain reset tokens (so a reset token should have the word "reset" in it, or something equivalent).
This issue probably depends on #3 being fixed first (to enable the user to change passwords).
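As an added illustration of the scheme proposed above (example code, not part of the Hoi Poi project), the following Python sketch generates a marked, strongly random reset token, atomically renames the user's JSON storage file to it, and shows the check that user-up.py could apply to refuse writes to a reset-token file. The one-file-per-user layout, the `reset-` marker, the sample user names and the function names are assumptions.

```python
import os
import re
import secrets
import tempfile

# Assumed layout: one JSON file per user, normally named by the
# PBKDF2-derived login credential. A reset-token file instead carries a
# visible "reset-" marker so other scripts can recognise it.
RESET_PREFIX = "reset-"
# secrets.token_urlsafe(32) yields 43 URL-safe base64 characters (256 bits).
_TOKEN_RE = re.compile(r"^reset-[A-Za-z0-9_-]{43}$")


def make_reset_token() -> str:
    """Strongly random token from the OS CSPRNG, with the reset marker."""
    return RESET_PREFIX + secrets.token_urlsafe(32)


def is_reset_token(name: str) -> bool:
    """True if a storage-file name is a reset token rather than a credential."""
    return bool(_TOKEN_RE.match(name))


def rename_to_reset(storage_dir: str, current_name: str) -> str:
    """Model of user-pw-reset.py: move the user's file to a fresh token name."""
    token = make_reset_token()
    src = os.path.join(storage_dir, current_name + ".json")
    dst = os.path.join(storage_dir, token + ".json")
    os.replace(src, dst)  # atomic; the old credential-derived name stops working at once
    return token


def try_update(storage_dir: str, name: str, body: str) -> bool:
    """Model of the user-up.py check: refuse to write under a reset-token name."""
    if is_reset_token(name):
        return False  # the user must set a real password first
    with open(os.path.join(storage_dir, name + ".json"), "w") as fh:
        fh.write(body)
    return True


def demo() -> dict:
    """Walk one reset through a temporary directory (constructed sample data)."""
    d = tempfile.mkdtemp()
    with open(os.path.join(d, "alice-hash.json"), "w") as fh:
        fh.write('{"notes": []}')
    token = rename_to_reset(d, "alice-hash")
    return {
        "token_marked": is_reset_token(token),
        "old_gone": not os.path.exists(os.path.join(d, "alice-hash.json")),
        "new_present": os.path.exists(os.path.join(d, token + ".json")),
        "update_refused": not try_update(d, token, '{"notes": ["x"]}'),
        "normal_update_ok": try_update(d, "bob-hash", "{}"),
    }
```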