Closed htdvisser closed 5 years ago
A "Forgot Password" screen where the user has to enter their username and email in order to receive a temporary password.
Should it be username and email or just e-mail?
cc @kschiffer
It actually only works with username right now, so let's start with that.
I think that people are better at remembering their email address than their user name, so please file an issue to be able to (only) specify their email address.
I propose to implement it in a (new) "account" React app that will also have the screen I discussed in #265.
Isn't the OAuth react app already the "account" app you're describing here, @htdvisser?
Summary
Users should be able to reset their password using the web UI.
Old issue: https://github.com/TheThingsIndustries/lorawan-stack/issues/1123
Why do we need this?
Because not all users are comfortable with the API or CLI
What is already there? What do you see now?
We have the
CreateTemporaryPassword
RPC in theUserRegistry
service. HTTP binding isPOST /api/v3/users/{user_ids.user_id}/temporary_password
. This needs to be called with the user ID and Email Address. A successful call results in an email being sent to the user with a temporary password that the can only use to reset their password with theUpdatePassword
RPC in theUserRegistry
service.What is missing? What do you want to see?
The following screens in the Web UI of the Identity Server:
How do you propose to implement this?
Assigning @pgalic96 since he was already assigned to the original issue. Please discuss with @kschiffer the design. I propose to implement it in a (new) "account" React app that will also have the screen I discussed in #265. Note that the user does not need to be logged in for the screens proposed in this issue. Also note that these must not be implemented in the Console, since the Console must never have access to the user's password.