mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-13 18:32:41 +01:00
0e1bbbd489
Summary: Give them a big essay about how it's dangerous, but allow them to do it formally. Because the username is part of the password salt, users must change their passwords after a username change. Make password reset links work for already-logged-in-users since there's no reason not to (if you have a reset link, you can log out and use it) and it's much less confusing if you get this email and are already logged in. Depends on: D2651 Test Plan: Changed a user's username to all kinds of crazy things. Clicked reset links in email. Tried to make invalid/nonsense name changes. Reviewers: btrahan, vrana Reviewed By: btrahan CC: aran Maniphest Tasks: T1303 Differential Revision: https://secure.phabricator.com/D2657 |
||
---|---|---|
.. | ||
oauthregistration | ||
PhabricatorAuthController.php | ||
PhabricatorDisabledUserController.php | ||
PhabricatorEmailLoginController.php | ||
PhabricatorEmailTokenController.php | ||
PhabricatorLoginController.php | ||
PhabricatorLoginValidateController.php | ||
PhabricatorLogoutController.php | ||
PhabricatorMustVerifyEmailController.php | ||
PhabricatorOAuthDiagnosticsController.php | ||
PhabricatorOAuthLoginController.php | ||
PhabricatorOAuthUnlinkController.php | ||
PhabricatorRefreshCSRFController.php |