Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Reset password form should has captcha

See original GitHub issue

We need to apply few changes to user reset functionality:

We need to add captcha validation to password reset form.

oxTrust should display current form without captcha if admin decided to not enable it (current flow)
Show captcha if admin activated captcha config

Remove section of code which send mail to not register e-mails. We also need to remove related messages from message resource files.
Update message which we show after password reset If this email is associated with a user account in our system, you will receive an email with instructions to reset your password.

Issue Analytics

State:
Created 5 years ago
Comments:11 (5 by maintainers)

Top GitHub Comments

1reaction

willow9886commented, Sep 12, 2018

@natt-tester

Also, I think a button taking the user back to the login page would be a nice enhancement. What do you think, @willow9886?

Can we tell what page they were trying to access, and make sure we send them back to the login page with the right redirect URI baked in?

Instead of sending them to a new page that says… “Please check your email…” would it be easier to just show a pop up message on the existing page?

Ideally its a good flow for the user, so something like this:

user --> app --> login (which, after success, would redirect back to the app, but since they don’t have password…) --> reset password --> click validation email --> set new password --> redirect back to login page with the original redirect URI set

0reactions

natt-testercommented, Sep 14, 2018

@shekhar16, there’s no need for a new resetPasswordSucces page, just put the message in a pop-up still in passwordReminder.