Page MenuHomePhorge

Password reset link
ClosedPublic

Authored by machniak on Jan 14 2022, 2:49 PM.
Tags
None
Referenced Files
F11719782: D3301.id9388.diff
Sat, Apr 13, 6:31 PM
F11719704: D3301.id9373.diff
Sat, Apr 13, 6:20 PM
Unknown Object (File)
Wed, Apr 10, 12:21 AM
Unknown Object (File)
Sun, Apr 7, 9:48 AM
Unknown Object (File)
Thu, Apr 4, 11:30 AM
Unknown Object (File)
Thu, Apr 4, 4:47 AM
Unknown Object (File)
Sat, Mar 30, 2:18 PM
Unknown Object (File)
Thu, Mar 28, 10:50 PM
Subscribers
Restricted Project

Details

Reviewers
vanmeeuwen
mollekopf
Group Reviewers
Restricted Project
Commits
rK566da9b3c5f9: Password reset link
Test Plan

./phpunit

Diff Detail

Repository
rK kolab
Branch
dev/password-link
Lint
No Lint Coverage
Unit
No Test Coverage
Build Status
Buildable 38026
Build 15376: arc lint + arc unit

Event Timeline

machniak created this revision.
  • Merge branch 'master' into dev/password-link
vanmeeuwen subscribed.
vanmeeuwen added inline comments.
src/app/Http/Controllers/API/PasswordResetController.php
158

password reset codes should be valid for a far shorter period, perhaps as long as 24 hours but no more.

src/app/Http/Controllers/API/V4/UsersController.php
494

min:4 => min:6
max:2048 => max:255

src/app/Observers/VerificationCodeObserver.php
44

isn't that a database schema thing already?

src/app/VerificationCode.php
27

Here's it 8 hours, elsewhere I see 7 days.

src/tests/Browser/UsersTest.php
96–99

Can we $john $user?

This revision now requires changes to proceed.Jan 14 2022, 2:58 PM
  • Fixes requsted in the diff, set expiration time to 24h
  • Merge branch 'master' into dev/password-link
  • Fix order of codes in password reset link
This revision was not accepted when it landed; it landed in state Needs Review.Jan 27 2022, 2:39 PM
Closed by commit rK566da9b3c5f9: Password reset link (authored by machniak). · Explain Why
This revision was automatically updated to reflect the committed changes.