Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reset flow for account reset #169

Closed
imaginator opened this issue Jul 11, 2014 · 1 comment
Closed

Reset flow for account reset #169

imaginator opened this issue Jul 11, 2014 · 1 comment
Assignees
@guilhermesgb
Labels
enhancement

Comments

@imaginator
Copy link
Member

Another question:
Another question: Why the reset password doesn't require authentication (according to http://buddycloud.com/slate-api#reset-password)? If some knows our buddycloud url & username, it's easy for them to resetting user password right?
CMIIW
Visitor • 8 mins
indeed that is an issue and we're going to change it.
I'll log an issue for that now.
6 mins
Simon Tennant
Visitor Four
Ok, right now i'm trying to create a library for buddycloud API (againts your hosting platform), and if found an issues, can i just paste it in here right?
buddycloud REST API
@abmargb
Copy link
Collaborator

abmargb commented Oct 24, 2014

The reset endpoint can't require authentication in anyway. On the other hand, we need to improve the reset flow so we don't send plain text passwords to the user's inbox.

I'm closing this in favour of #166.

@abmargb abmargb closed this as completed Oct 24, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@guilhermesgb guilhermesgb

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@abmargb @guilhermesgb @imaginator