Add password fields to user enrollment form

freeipa / freeipa-community-portal

[ABANDONED] FreeIPA Community Portal extension

GNU General Public License v3.0

4 stars 6 forks source link

Add password fields to user enrollment form #31

Closed tiran closed 8 years ago

tiran commented 8 years ago

Allow user to set a temporary password during enrollment. The user must change her password when she logs in for her first time.

This PR depends on PR #30

tiran commented 8 years ago

@simo5 convinced me that a randomly assigned password is better. A user has to change her password in the web ui anyway. For security reasons the password reset can't be avoided. I'm going to make a new PR.

frasertweedale commented 8 years ago

How does the user find out their password? We will tell them through the portal website right - not via email :)

simo5 commented 8 years ago

When you set the first password in FreeIPA, you are not setting a permenent secret, just an OTP that must be changed on first access (until then the account is effectively disabled). So it is ok to send it via email.