Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Login form changes for lost password #749

Closed
robocoder opened this Issue · 5 comments

2 participants

@robocoder
Collaborator
  • error message (or redirect to Login screen) instead of a blank page when requesting a new password but user doesn't exist
  • "Remind password" is a misnomer for this button when it in fact sends a new password; change text to "Send Password Reset" and send email with link to a password reset form (see comment:5)
  • If sendmail isn't configured, it would be nice to include more validation before resetting passwords.
@robocoder
Collaborator
  • include IP address of requester in the email message
@robocoder
Collaborator

Third bullet item fixed in #815.

@mattab
Owner

Also (but probably not included in this ticket) we should not reset the password by default. Instead the email should contain a link to the piwik install that would then reset the password and show it to the user on the screen (or leave him change it see #526). Reset the password by default can be misused and annoy users.

@robocoder
Collaborator

In [1415], fixes #749 - Login form changes

  1. Lost password form now sends an email with reset instructions and link to a password change form instead of changing the password.
  2. Added password change form which requires input of a generated token (valid for 24 hrs).
  3. Fix $urlToRedirect handling; refactoring; phpdoc comments; minor reformatting
@robocoder
Collaborator

In [1418], refs #749 - fix redirect after install

@robocoder robocoder added this to the Piwik 0.4.4 milestone
@robocoder robocoder self-assigned this
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.