Page MenuHomePhorge

Password reset link
ClosedPublic

Authored by machniak on Jan 14 2022, 2:49 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Oct 27, 1:44 PM
Unknown Object (File)
Sun, Oct 27, 1:44 PM
Unknown Object (File)
Sun, Oct 27, 1:44 PM
Unknown Object (File)
Sun, Oct 27, 1:44 PM
Unknown Object (File)
Sun, Oct 27, 1:44 PM
Unknown Object (File)
Sun, Oct 27, 1:44 PM
Unknown Object (File)
Sun, Oct 27, 1:44 PM
Unknown Object (File)
Thu, Oct 24, 8:05 AM
Subscribers
Restricted Project

Details

Reviewers
vanmeeuwen
mollekopf
Group Reviewers
Restricted Project
Commits
rK566da9b3c5f9: Password reset link
Test Plan

./phpunit

Diff Detail

Repository
rK kolab
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

machniak created this revision.
  • Merge branch 'master' into dev/password-link
vanmeeuwen subscribed.
vanmeeuwen added inline comments.
src/app/Http/Controllers/API/PasswordResetController.php
158

password reset codes should be valid for a far shorter period, perhaps as long as 24 hours but no more.

src/app/Http/Controllers/API/V4/UsersController.php
494

min:4 => min:6
max:2048 => max:255

src/app/Observers/VerificationCodeObserver.php
44

isn't that a database schema thing already?

src/app/VerificationCode.php
27

Here's it 8 hours, elsewhere I see 7 days.

src/tests/Browser/UsersTest.php
96–99

Can we $john $user?

This revision now requires changes to proceed.Jan 14 2022, 2:58 PM
  • Fixes requsted in the diff, set expiration time to 24h
  • Merge branch 'master' into dev/password-link
  • Fix order of codes in password reset link
This revision was not accepted when it landed; it landed in state Needs Review.Jan 27 2022, 2:39 PM
Closed by commit rK566da9b3c5f9: Password reset link (authored by machniak). · Explain Why
This revision was automatically updated to reflect the committed changes.