search

ayik / alumnisangam

Automatically exported from code.google.com/p/alumnisangam
0 stars 0 forks source link

Password recovery not working well with two users with same email ID #44

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
What steps will reproduce the problem?
1. Create user 1 with email id address1@mail.com
2. Create user 2 with email id address2@mail.com
3. Edit user 2's email to address1@mail.com
4. "recover password" for "address1@mail.com"

What is the expected output? What do you see instead?
Either:
a. Upon entering address1@mail.com, the system should give an option of 
"which user" we want to recover the pwd of, or
b. An email should be sent to address1@mail.com with _all_ the usernames 
associated with address1@mail.com and reset passwords for each.

I prefer solution 2, with a "notification" in the thanks message saying the 
password for $number usernames has been sent to $emailAddress

Instead, I get ONE email at address1@mail.com, with the access details of 
only _one_ user. Testing shows that the other username's password did not 
even change!

Original issue reported on code.google.com by animesh on 4 Apr 2009 at 9:40

GoogleCodeExporter commented 8 years ago 
Ideally no 2 users should have the same email ID.

So, this should be fine.

Please confirm, so that we can put a unique email check in the application.

Original comment by gs.bajaj on 17 May 2009 at 1:08

GoogleCodeExporter commented 8 years ago 
Not true.Same email can be used by multiple users in at least the following 
cases:
1. Father and son are alumni. Child creates ID for parent.
2. Multiple users in a chapter (say delhi) do not have IDs, so we create 
usernames
for them using a common chapter-administered ID. 

To summarize, please implement the following algo:
1. if multiple userIDs are there for same email
1.1 reset all pwds to individually unique ones. 
1.2 send individual email for each pwd reset.
1.3 send email to admin@itbhuglobal saying that pwds for multiple IDs were 
changed by
a request. Mention the email, and the list of IDs.
2. It is is only one userID
2.1 like 1.1, but for only one.
2.2 like 2.2, but only for one
2.3 no need to send email to admin

Original comment by animesh on 17 May 2009 at 1:26

GoogleCodeExporter commented 8 years ago 
Done.

Original comment by gs.bajaj on 17 May 2009 at 1:42