Force reset password #18914
Force reset password #18914
Conversation
Signed-off-by: Jonas <jonas.blaesche@uni-konstanz.de>
Signed-off-by: Jonas <jonas.blaesche@uni-konstanz.de>
ein-giga-self
force-pushed
the
force-reset-password
branch
from
da9edff
to
1536696
Compare
gary-kim
added
3. to review
|
Welcome! |
| $token = $this->config->getUserKeys($userId, 'login_token')[0]; | ||
| $token = str_replace('/', 'A', $token); | ||
|
|
||
| if($token === $token) { |
|
|
||
| if($this->config->getUserValue($user, 'core', 'initial') === 'true') { | ||
| $token = $this->config->getUserKeys($user, 'login_token')[0]; | ||
| $token = str_replace('/', 'A', $token); |
There was a problem hiding this comment.
Is this about making the value a get parameter? If so please use urlencode.
| if($this->config->getUserValue($userId, 'core', 'initial') === 'true') | ||
|
|
||
| $token = $this->config->getUserKeys($userId, 'login_token')[0]; | ||
| $token = str_replace('/', 'A', $token); | ||
|
|
||
| if($token === $token) { | ||
| return true; | ||
| } |
There was a problem hiding this comment.
That change makes it possible to overtake any account if you know the userId and the user has not changed the password yet.
| @@ -594,6 +598,9 @@ public function editUser(string $userId, string $key, string $value): DataRespon | |||
| $this->accountManager->updateUser($targetUser, $userAccount); | |||
| } | |||
| break; | |||
| case 'initial': | |||
There was a problem hiding this comment.
Please create a constant like AccountManager::PROPERTY_INITIAL
| @@ -520,6 +523,7 @@ public function editUser(string $userId, string $key, string $value): DataRespon | |||
| $permittedFields[] = AccountManager::PROPERTY_WEBSITE; | |||
| $permittedFields[] = AccountManager::PROPERTY_TWITTER; | |||
| $permittedFields[] = 'quota'; | |||
| $permittedFields[] = 'initial'; | |||
There was a problem hiding this comment.
Could you find something more specific? Perhaps forcePasswordReset? initial is very generic.
| @@ -306,6 +306,13 @@ public function tryLogin(string $user, | |||
| $result->getErrorMessage() | |||
| ); | |||
| } | |||
|
|
|||
| if($this->config->getUserValue($user, 'core', 'initial') === 'true') { | |||
| $token = $this->config->getUserKeys($user, 'login_token')[0]; | |||
There was a problem hiding this comment.
OK. The right way to do this:
Take the password reset token logic from NewUserMailHelper. Perhaps we need to find a better way for this. A generatePasswordResetToken method. If the user login and initial is set generate a password reset token and forward the user.
| @@ -349,6 +349,9 @@ public function addUser(string $userid, | |||
| 'app' => 'ocs_api', | |||
| ]); | |||
| } | |||
| } else { | |||
| //Password was provided by the admin | |||
There was a problem hiding this comment.
Case 1: No password, No email = failure
Case 2: No password, Email given = username and password reset link is mailed to user
Case 3: Password given, Email given = username is mailed to user
Case 4: Password given, No email = password reset forced after login
At least that must be documented somewhere. I'm against any more magic here. I don't think the behaviour is guessable or intuitive even without this pr. We should explain what Nextcloud is actually are going to do and/or give the admin a change to pick the action.
There was a problem hiding this comment.
Also Password given, No email is what I usually do for developing 🤣 Need to test something with a different user. Create user with password and no email, Login => Forced password reset 😠
I know that's unusual but this PR is a behavioural change. I'm sure there is someone out there happy with the current approach. People will complain about this change if there is no way to turn it off.
For example: A self-service for account creation. People are able to create a user account for Nextcloud with a internal tool. Password is only visible to user. With this change they have to reset their password again for a account just created seconds ago.
rullzer
added
2. developing
|
As there is no feedback since a while I will close this PR. If you are still willing to get this in, please address the potential comments and rebase to latest master. Then, feel free to re-open. |
|
hi @ein-giga-self |
Added a functionality that forces users to reset their password on first login, if the initial password was set by the admin