Page MenuHomekolab.org

Password reset link
Needs ReviewPublic

Authored by machniak on Fri, Jan 14, 2:49 PM.

Details

Reviewers
vanmeeuwen
Group Reviewers
Restricted Project
Test Plan

./phpunit

Diff Detail

Repository
rK kolab
Branch
dev/password-link
Lint
No Linters Available
Unit
No Unit Test Coverage
Build Status
Buildable 38026
Build 15376: arc lint + arc unit

Event Timeline

machniak requested review of this revision.Fri, Jan 14, 2:49 PM
machniak created this revision.
machniak updated this revision to Diff 9382.Fri, Jan 14, 2:51 PM
  • Merge branch 'master' into dev/password-link
vanmeeuwen requested changes to this revision.Fri, Jan 14, 2:58 PM
vanmeeuwen added a subscriber: vanmeeuwen.
vanmeeuwen added inline comments.
src/app/Http/Controllers/API/PasswordResetController.php
158

password reset codes should be valid for a far shorter period, perhaps as long as 24 hours but no more.

src/app/Http/Controllers/API/V4/UsersController.php
494

min:4 => min:6
max:2048 => max:255

src/app/Observers/VerificationCodeObserver.php
44

isn't that a database schema thing already?

src/app/VerificationCode.php
27

Here's it 8 hours, elsewhere I see 7 days.

src/tests/Browser/UsersTest.php
96–99

Can we $john $user?

This revision now requires changes to proceed.Fri, Jan 14, 2:58 PM
machniak updated this revision to Diff 9388.Fri, Jan 14, 3:28 PM
  • Fixes requsted in the diff, set expiration time to 24h
machniak updated this revision to Diff 9394.Tue, Jan 18, 12:52 PM
  • Merge branch 'master' into dev/password-link