Open rudolphpienaar opened 2 years ago
This issue is available and similar to the one here, please read my comment.
https://github.com/FNNDSC/ChRIS_store/issues/57#issuecomment-1256651568
As a relatively large feature, doing a detailed proposal of how you would deliver a solution would count as a meaningful contribution for your Outreachy application. If you are interested in this issue then please draft a solution proposal and have me review it (before working on implementation),
Okay I will do just that
@jennydaman
i) User will provide the email they used to open their user account
ii) The email would be verified if it belongs to an existing user account
iii) If the email is successfully verified, a token that has limited time-to-live will be sent to their email to reset a new password
iv) The token would be used to fetch the user and change the password to the new one, as long the token has not expired
@jennydaman can I carry on with this issue now?
Tell me more details about iii.
sending an email with send grid/Gmail Step 1: getting a SendGrid API key
Step 2: Add a .env file for the SendGrid API key and email that would be used to send the mail
Step 3: Add a config/settings file that reads the env file Next, add the other email configuration in the settings file
Step 4: Have a class and function in view that does the logic
Token generator Step 1: I could use PasswordResetTokenGenerator from django.contrib.auth.tokens Or I could use rest_framework.authtoken
Good job doing research on programmatic email.
Currently ChRIS does not depend on any SaaS. Using SendGrid would be a big decision. Let's discuss a few more concerns:
1) Since Chris does not depend on any saas we could work with gmail smtp for sending emails. i) Its secured and free to use all we need is to have a .env file that we wont be adding to github that would have Chris gmail details ii) And a settings file that we would call the values in our .env file
2) For sending the email with the token we would have a template in the project the would house the token and a link to the frontend page i) The Frontend would send back the new password and the token to authenticate the user ii) I will work on both the the backend and the frontend
@jennydaman ...... waiting for your approval so I can start the issue
Instead of specifying it in .env
, it could also be configured in the /chris-admin/
dashboard. Here is a reference to how SMTP email server is configured in Nextcloud 23
Gmail might work, but it's not necessarily a good choice. I don't think Google's terms of service allows for automatic sending of emails from personal Gmail accounts. Moreover, we are still concerned about Google's privacy policy.
We could still use other mail sender there is alot of options and I know some of them allows their users automate things. Like Mail_Gun I used it on a Java projects sometime ago for an organization and its still works fine.
But if you are fine with Gmail SMTP then I will start working on it with your approval
I would like to work on this issue.... Is this issue still available