Skip to content
This repository has been archived by the owner on May 10, 2019. It is now read-only.

add ability to change password #114

Closed
benadida opened this issue Aug 4, 2011 · 6 comments
Closed

add ability to change password #114

benadida opened this issue Aug 4, 2011 · 6 comments
Assignees
@shane-tomlinson
Labels
qa:verified ★★★
Milestone
Primary support

Comments

@benadida
Copy link
Contributor

benadida commented Aug 4, 2011

No description provided.

@ghost ghost assigned benadida Sep 30, 2011
@ghost ghost assigned shane-tomlinson Nov 21, 2011
@lloyd
Copy link
Contributor

lloyd commented Nov 21, 2011

reassigned to @shane-tomlinson

we need some UX feedback here.

lloyd added a commit that referenced this issue Nov 21, 2011
@lloyd
implement update_password api - prerequsite for frontend code of issue
1ab9ab4 
…#114 and for moving the bulk of bcrypt compute work over to webheads which is issue #560
@skinny97214
Copy link

We'll need to re-auth. This form has old pass/new pass. I'm omitting the confirm password field.

http://cl.ly/1N2G2a2K1l143F0j1F1e
http://cl.ly/0l3Q0j3N3x381T3D2b3i

@shane-tomlinson
Copy link

@lloyd - update_password is returning "success: true" no matter what the oldpass is. Bad jiji.

POST:

csrf    f588271cf2aa2228afaa82ad96d0f511
newpass newpassword
oldpass jibberish

RESPONSE:

{"success":true}

POST:

csrf    f588271cf2aa2228afaa82ad96d0f511
newpass anothernewpass
oldpass morejibberish

RESPONSE:

{"success":true}

@shane-tomlinson
Copy link

Reopening, passing to @lloyd for above comment - #114 (comment)

lloyd added a commit that referenced this issue Dec 20, 2011
@lloyd
add a unit test for update_password, will prevent regressions related…
a711b90 
… to issue #114
fmarier pushed a commit to fmarier/browserid that referenced this issue Dec 29, 2011
@lloyd
fix old password check in update_password api - closes mozilla#114
b6423f6
@ghost ghost reopened this Dec 29, 2011
@ghost
Copy link

ghost commented Dec 29, 2011

Verified on Windows XP + IE8.

When there are multiple email addresses associated to a BID account, only the email address used to reset the password is kept after changing the password from the a client.

@ghost
Copy link

ghost commented Dec 29, 2011

Verified as fixed on Windows XP + IE8 when using the manage page.

@ghost ghost closed this as completed Dec 29, 2011
This issue was closed.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@shane-tomlinson shane-tomlinson

Labels
qa:verified ★★★
Projects
None yet
Milestone
Primary support
Development

No branches or pull requests
4 participants
@benadida @lloyd @skinny97214 @shane-tomlinson