ericchu94 / chat


Unique password requirement? #8

Closed ericchu94 closed 9 years ago

ericchu94 commented 9 years ago

Why is there a unique password requirement? (BRD Module 2, point 1.4.1)

I think it may be a security issue to have this. The closest thing that I see is not being able to change your password to a previous password of the same account. But I don't think we need that feature.

FlipEnergy commented 9 years ago

@ericchu94 Oh yeah, that doesn't make sense. I think I meant old password. I'll reword it.

Do I just change it directly or do I need to make a new branch?

ericchu94 commented 9 years ago

Do you mean that the password cannot be changed to the old (current) password? Or do we need to keep a history of all of a user's past passwords? Because I don't think such a strong security requirement is needed for module 2.

The tackling issues section in the git workflow documentation should contain the answer to that question.

ericchu94 commented 9 years ago

Relates to gh-6

FlipEnergy commented 9 years ago

@ericchu94 I mean just the current password. No point in changing it if you're not changing it. Okay should be fixed. Please check.

ericchu94 commented 9 years ago

@FlipEnergy did you forget to push the feature branch?

ericchu94 commented 9 years ago

Err... I see your commit now. You made the change in issue 6, and linked issue 6, but instead you were supposed to do it in issue 8... Please revert that commit (make a commit that undoes your changes, and link it to issue 6, with an appropriate commit message), and make the changes in issue 8.

FlipEnergy commented 9 years ago

@ericchu94 okay please check. Sorry about that.

ericchu94 commented 9 years ago

The commit needs to be on the branch for issue 8. You only changed the commit message, but you are still using the wrong branch.

Please revert that commit (make a commit that undoes your changes, and link it to issue 6, with an appropriate commit message), and make the changes in issue 8.

FlipEnergy commented 9 years ago

@ericchu94

Sorry about the confusion. Thanks for your patience. Please make sure I did it correctly this time.

ericchu94 commented 9 years ago

What is the justification for displaying a message?

Why not just let the operation complete successfully?

FlipEnergy commented 9 years ago

@ericchu94 Seems kind of pointless doesn't it? No point allowing them to "change" their password using the same one again. This way when they do, they know that they're changing to the same password. Maybe that's useful?

Do you think we should just let it operate as usual?

ericchu94 commented 9 years ago

Why is that useful?

When a user wants to change a password, what is his actual intent?

  1. To ensure that his previous password does not work
  2. To ensure that his new password does

My justifications for not treating this as a special case

FlipEnergy commented 9 years ago

@ericchu94 Alright, you won me over. I will just remove the point.

FlipEnergy commented 9 years ago

@ericchu94 Please review.

ericchu94 commented 9 years ago

@FlipEnergy go ahead and deliver

FlipEnergy commented 9 years ago

Merged to master.

FlipEnergy commented 9 years ago

Issue 8 closed.