Implement password reset self service

mellowagain / gitarena

Software development platform with built-in vcs, issue tracking and code review

MIT License

86 stars 10 forks source link

Implement password reset self service #50

Open mellowagain opened 2 years ago

mellowagain commented 2 years ago

This is totally possible if SMTP is enabled and configured but the question is how we would accomplish this when SMTP is disabled

mayacopeland commented 2 years ago

Similarly to how Discord and Steam handle 2FA, would it make sense to similarly have a 'backup' code generated and shown upon registration that can be used in order to reset a password, which is shown once and could be regenerated upon usage?

mellowagain commented 2 years ago

That sounds reasonably.