This is a design topic - I think what you expect and what others would expect for this will vary.
I think this could be less secure (what if someone asks for a password reset because someone saw their password, and reset to their own?). In any case, if you want to only enable a new password after the validation, you would need to store it, and extend the Auth class, and modify change_password accordingly. On Sun, Jul 26, 2009 at 3:15 PM, Sebastian E. Ovide < sebastianov...@gmail.com> wrote: > Hi All, > > retrieving a new password, if the SMTP is down, I am getting (correctly) an > flash saying "unable to send mail". At this point, as the email could not > been sent, I would expect having the same password... but web2py is still > assigning a new password... > > is it a bug or is working as designed ? > > thanks > > -- > > Sebastian E. Ovide > > > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to web2py@googlegroups.com To unsubscribe from this group, send email to web2py+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
