Closed ericchu94 closed 9 years ago
@ericchu94 Oh yeah that doesn't make sense. I think i meant old password. I'll reword it.
Do i just change it directly or do I need to make a new branch?
Do you mean that the password cannot be changed to the old (current) password? Or do we need to keep a history of all of a user's past passwords? Because I don't think such a strong security requirement is needed for module 2.
The tackling issues section in the git workflow documentation should contain the answer to that question
Relates to gh-6
@ericchu94 I mean just the current password. No point in changing it if you're not changing it. Okay should be fixed. Please check.
@FlipEnergy did you forget to push the feature branch?
Err... I see your commit now. You made the change in issue 6, and linked issue 6, but instead you were supposed to do it in issue 8... Please revert that commit (make a commit that undo's your changes, and link it to issue 6, with an appropriate commit message), and make the changes in issue 8
@ericchu94 okay please check. Sorry about that.
The commit needs to be on the branch for issue 8. You only changed the commit message, but you are still using the wrong branch.
Please revert that commit (make a commit that undoes your changes, and link it to issue 6, with an appropriate commit message), and make the changes in issue 8
@ericchu94
Sorry about the confusion. Thanks for your patience. Please make sure I did it correctly this time.
What is the justification for displaying a message.
Why not just let the operation complete successfully?
@ericchu94 Seems kind of pointless doesn't it? No point allowing them to "change" their password using the same one again. This way when they do, they know that they're changing to the same password. Maybe that's useful?
Do you think we should just let it operate as usual?
Why is that useful?
When a user wants to change a password, what is his actual intent?
My justifications to not treating this as a special case
@ericchu94 Alright, you won me over. I will just remove the point.
@ericchu94 Please review.
@FlipEnergy go ahead and deliver
Merged to master.
Issue 8 closed.
Why is there a unique password requirement? (BRD Module 2, point 1.4.1)
I think it may be a security issue to have this. The closest thing that I see is not being able to change your password to a previous password of the same account. But I don't think we need that feature.