-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reset account password #8
Comments
I would love to contribute and I was wondering, what behaviour you want for password resets? |
I was thinking of using JWT in the same way it is used for the activation email, just need to ensure that the token validity is pretty short (10 minutes ?). |
Ok yeah I already started doing that. I was thinking that it would be good to return the same message whether or not the user email is found but just add an attempt or something. |
Absolutely, I need to think about the whole attempt system before implementing. |
Whenever you get time you could put up some idea of implementation, and I could start work |
Sure I'll try and find some time this evening and get back to you :) |
Maybe just a basic database table with |
Okay cool, I should have some stuff ready for a PR at some point soon. |
No description provided.
The text was updated successfully, but these errors were encountered: