On Sat, Aug 30, 2014 at 8:05 AM, Roelof Wobben <[email protected]> wrote:
>> > > The only thing I need is that I as admin can register user with a >> > > password. >> > > If the user looses her/his password then I get a mail and I as admin >> > > can make a new one. > Why I need a password for staff members so they can only see which invoice > is not payed or add a payment. Requiring staff to authenticate makes sense. Having *you set the password* for each staff member does not. For one thing, it doesn't scale. More importantly, how do you plan to communicate this password to the person? By email? Extremely insecure. By phone? In person? Not always convenient. Enabling each staff member to *set/reset their own password* is a far more efficient (and common) pattern. -- Hassan Schroeder ------------------------ [email protected] http://about.me/hassanschroeder twitter: @hassan -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CACmC4yA9RZMSiDGDoEbXkmDVVC_OdARC301fEYM25Qqu3p9Ryg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
