ArktinenKarpalo
commented
6 months ago I think that it suffices for now that admin can set the password for any user. Other mentioned things would be nice to have, but not necessary for the initial release.
In the old RV admins can reset users' forgot passwords. It is planned to allow users to do the same but this would require further integration into our mail service, verification of user emails/matching RV accounts to TKO-äly accounts and gathering correct user emails/info in the first place as currently many accounts are missing both full names and a correct univident.
If this takes too long or is too blocking for bringing the new RV into production we should in the meantime implement features to allow admins to reset user passwords.
Ideally the admin should be able to mark the user password as reset and/or get a temporary password for the user to login with.
The user frontend could prompt for setting a new password after logging in for the first time after the reset. This would require information on the client whether the password has been reset after last login.