Password recovery - Githubissues

tdewolff / Dex

Small but feature-rich CMS for small and medium sized websites

MIT License

2 stars 2 forks source link

Password recovery #16

Closed tdewolff closed 10 years ago

tdewolff commented 10 years ago

Needed:

An email library for sending emails
A CAPTCHA solution to prevent too many requests (make it appear after 3 times?)

s-p-n commented 10 years ago

This feature is essential. We should even consider doing this before the first release.

s-p-n commented 10 years ago

never meant to close in the first place xD

tdewolff commented 10 years ago

For this we need the user's email address. We could omit the username and use the email address to log in and identify a user instead.

tdewolff commented 10 years ago

Pretty much implemented, uses Bcrypt for hashing the token so that even when hackers can read the DB they can't recover passwords. Only needs an email to be send, we need an email library.