adamspd / django-appointment

A Django app for managing appointment scheduling with ease and flexibility.
Apache License 2.0

User creation and password handling #114

Closed adamspd closed 6 months ago

adamspd commented 6 months ago

Improve security by letting users set their own passwords

This commit addresses a security concern where user accounts were automatically created with a predictable password. Instead of setting a password based on a predictable pattern (e.g., website name combined with the current year), we now generate a secure, random token for each new user. This token is used in a password reset or account activation link sent via email, allowing users to set or reset their passwords securely. This change ensures that user accounts remain secure and that users are fully aware of and in control of their account creation and password management processes.
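
The change described above, sketched as an added example (not code from this pull request or from django-appointment): a predictable default password next to a random, single-use, expiring token for a set-password link. The class, function names, URL layout, one-hour lifetime and the exact "site name + year" format are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL_SECONDS = 3600  # assumed lifetime; the page does not state one


def legacy_password(site_name, year):
    # The "before" pattern: built only from values anyone can guess.
    # The exact concatenation is an assumption.
    return f"{site_name}{year}"


class ActivationTokens:
    """Single-use, expiring tokens for set-password links (stdlib only)."""

    def __init__(self):
        # user id -> (SHA-256 digest of token, expiry timestamp). Only the
        # digest is kept, so a leaked table does not yield usable links.
        self._pending = {}

    def issue(self, user_id, now=None):
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        digest = hashlib.sha256(token.encode()).hexdigest()
        self._pending[user_id] = (digest, now + TOKEN_TTL_SECONDS)
        return token  # goes into the e-mailed link, never stored in clear

    def redeem(self, user_id, token, now=None):
        now = time.time() if now is None else now
        entry = self._pending.get(user_id)
        if entry is None:
            return False
        digest, expires_at = entry
        if now > expires_at:
            del self._pending[user_id]  # expired links are discarded
            return False
        presented = hashlib.sha256(token.encode()).hexdigest()
        if not hmac.compare_digest(digest, presented):  # constant-time compare
            return False
        del self._pending[user_id]  # single use: a replayed link fails
        return True


def activation_link(base_url, user_id, token):
    # Hypothetical URL layout for the e-mailed link.
    return f"{base_url}/set-password/{user_id}/{token}/"
```

In a Django project, `User.set_unusable_password()` and `django.contrib.auth.tokens.default_token_generator` cover the same ground; whether this pull request uses them is not shown on the page.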

codecov[bot] commented 6 months ago

Codecov Report

Attention: 7 lines in your changes are missing coverage. Please review.

Comparison is base (78889c7) 95.09% compared to head (7c5e6f7) 95.42%.

:exclamation: Current head 7c5e6f7 differs from pull request most recent head ce08aef. Consider uploading reports for the commit ce08aef to get more accurate results

| Files | Patch % | Lines |
|---|---|---|
| appointment/views.py | 81.57% | 7 Missing :warning: |
Additional details and impacted files

```diff
@@            Coverage Diff             @@
##             main     #114      +/-   ##
==========================================
+ Coverage   95.09%   95.42%   +0.32%
==========================================
  Files          47       49       +2
  Lines        5408     5721     +313
==========================================
+ Hits         5143     5459     +316
+ Misses        265      262       -3
```

| [Flag](https://app.codecov.io/gh/adamspd/django-appointment/pull/114/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Adams+Pierre+David) | Coverage Δ | |
|---|---|---|
| [unittests](https://app.codecov.io/gh/adamspd/django-appointment/pull/114/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Adams+Pierre+David) | `95.42% <98.16%> (+0.32%)` | :arrow_up: |

Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Adams+Pierre+David#carryforward-flags-in-the-pull-request-comment) to find out more.
