[feature-proposal] Forgot password improvements
Bráulio Bhavamitra
braulio at eita.org.br
Thu Nov 7 11:00:59 BRST 2013
Perfect aurium
Em 05/11/2013 20:01, Aurélio A. Heckert <aurelio at colivre.coop.br> escreveu:
> Em 05-11-2013 19:45, Ewout ter Haar escreveu:
>
> On Tue, Nov 5, 2013 at 7:46 PM, Rodrigo Souto <rodrigo at colivre.coop.br> <rodrigo at colivre.coop.br> wrote:
>
>
> The user A has a cpf 123 and the user B as an rg 123. There is the
> plugin X that includes de verification by cpf and the plugin Y that
> includes the verification on rg. When the user A try to recover his
> password, he might, depending on the inner logics, be confused with the
> user B.
>
> Right! This is a big problem, but my proposal is to let the admin to
> select the search columns. We can believe the human eye will not make the
> conflict as the blind plugins... or not. :-p
>
> If the logic than sends two reset-emails, one to user A and one to
> user B, the worst that can happen is that user B will be annoyed, or
> confused.
>
> With "User.first", only the first found will receive the e-mail.
>
> Maybe not too bad a price to pay for increased usability?
>
> We may write a note to the admin on the controller to set "
> env.recover_passwd_columns" to guarantee a safe and simple interface to
> the common user.
>
> Another question is the risk for large amount of database queries. I
> guess that even with 100k users a lookup in a few table columns would
> not be very onerous, right?
>
> Hum... The fields may be not indexed, but i don't believe that will be a
> problem. (Guessing)
>
> Ewout
> _______________________________________________
> Noosfero-dev mailing listNoosfero-dev at listas.softwarelivre.orghttp://listas.softwarelivre.org/cgi-bin/mailman/listinfo/noosfero-dev
>
>
>
> --
>
> *Aurélio A. Heckert (aka Aurium)*
> http://softwarelivre.org/aurium
> *COLIVRE — Coop. de Tecnologias Livres*
> http://colivre.coop.br
>
> *Inkscape* — Desenhe Livremente
> http://inkscapeBrasil.org
>
> _______________________________________________
> Noosfero-dev mailing list
> Noosfero-dev at listas.softwarelivre.org
> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/noosfero-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20131107/fe64348f/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: logoColivre_p.gif
Type: image/gif
Size: 5576 bytes
Desc: not available
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20131107/fe64348f/attachment-0001.gif>
More information about the Noosfero-dev
mailing list