Password Reset Via email Project -gsoc midterm presentation

Hello below is a presentation of my gsoc progress till midterm. I will appreciate any suggestions and criticism.

github link to project

Pending pull request

project wiki

project design post GSoC 2018 - Reset Password via Email Project

1 Like

Cc @wyclif @burke

Nice work, @harisu. :slight_smile:

I would prioritize getting REST endpoints working for the workflow – i.e. at a minimum:

  1. email property on user resource can be set and retrieved with appropriate permissions (I’d assume getting user email addresses except for the current user might take additional privilege beyond simply Get Users)
  2. Client can POST a password reset request and the response is the same whether or not username or email address exists (i.e., to avoid exposing existence of usernames or email addresses to anonymous requests)
  3. Client can POST a password reset token to password reset request and to validate it (so application can tell if user’s token is valid)
  4. Client can POST a valid password reset token along with new password to change the user’s password.

Front-end use of the API and even sending email messages could be added later as long as the REST endpoints exist. If the REST endpoints aren’t complete (part of core) by the end of GSoC, then it will be far more work for someone to pick up where you have left off.

Could you edit your original post to include relevant links (links to your project’s wiki page and relevant code repository or branch)?

Thank you @harisu for the presentation, good work so far! I hope everything that @burke mentioned is clear to you, and can you please share the link to branch in the git repository?

@burke Thanks very much for those points i really appreciate it i will commence with addressing those immediately i finished with the pending pull request and it’s merged.