-
Notifications
You must be signed in to change notification settings - Fork 44
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Password change/reset feature #87
Comments
Hello and sorry for the late reply, I think the reset password is of out of the scope of the project (as a django app) and should definitively be handle by another app or website. Although maybe make it easier to display a link to a site/app responsible for doing that on the login page would be nice. I'll consider the change password functionality (and it's not more difficult to do for ldap than for sql). python-ldap3 already support the feature (cf https://ldap3.readthedocs.io/en/latest/microsoft.html) for simple bind to an AD (microsoft or samba alike) and the lib for hashing password for openldap userPassword attribute are already there. But how do you see the flow for a user changing password ? I'll guess if we allow user password change we also must enforce some sort of configurable password policy (at least for password strength and maybe for password history ?). Cheers |
No problem, thank you for responding! You are right in that the users don't usually linger on the CAS page itself for long.
As for password policy, there could be a default validator that could be swapped out in the settings if the developer wants to. Thank you! |
Hi!
Would it be possible to implement a password change/password reset functionality?
While the protocol doesn't mention this feature, the documentation does have a page for it here.
It would be relatively easy to implement a password change page for already logged in users for
DjangoAuthUser
andSqlAuthUser
backends, but i'm not sure about the others.Would this be still in scope for the project?
The text was updated successfully, but these errors were encountered: