stuartpb
commented
7 years ago Reauth is now an emergent property of required inputs on form objects (#163). Closing this.
Closed stuartpb closed 7 years ago
stuartpb
commented
7 years ago Reauth is now an emergent property of required inputs on form objects (#163). Closing this.
I'm not wild about the state of
reauthright now. It implies something that isn't necessarily true (for instance, if you're entering the old password after entering a new one for a password change, it's not exactly a "reauthentication", nor is it quite a reauth if you're giving your email when resetting a password a la #165.There's also the matter of documenting the point at which you're prompted for it (#66), and the way that it's not well-designed for a post-loose-enum-like world (#149).
It's also not all that much like a word, similarly to how I ditched
deauthforlogoutin the session enum.All in all, I'd rather have something, probably tag-like, that naturally incorporates #66.
Come to think of it, it'll probably ride alongside #163, with there being a property for
form, and then there can be abefore.formand anafter.form. Bam. That's the refactor. I can sleep now.