I agree with you Sebastian. If you get or implement a solution please share it with us to snippet it. thanks, Ale xF
El 27/07/2009 0:23, Sebastian E. Ovide escribió: > personally I prefer the method adopted by most of the websites... > they send you a link valid for x minutes that you can use to reset > your password. > > I find very annoying that anybody can reset my password ! > > On Sun, Jul 26, 2009 at 10:05 PM, Yarko Tymciurak <yark...@gmail.com > <mailto:yark...@gmail.com>> wrote: > > This is a design topic - I think what you expect and what others > would expect for this will vary. > > I think this could be less secure (what if someone asks for a > password reset because someone saw their password, and reset to > their own?). > > In any case, if you want to only enable a new password after the > validation, you would need to store it, and extend the Auth class, > and modify change_password accordingly. > > > > On Sun, Jul 26, 2009 at 3:15 PM, Sebastian E. Ovide > <sebastianov...@gmail.com <mailto:sebastianov...@gmail.com>> wrote: > > Hi All, > > retrieving a new password, if the SMTP is down, I am getting > (correctly) an flash saying "unable to send mail". At this > point, as the email could not been sent, I would expect having > the same password... but web2py is still assigning a new > password... > > is it a bug or is working as designed ? > > thanks > > -- > > Sebastian E. Ovide > > > > > > > > > > > > -- > > Sebastian E. Ovide > > skype: seezov > > +353 87 6340149 > > Sent from Dublin, Ireland > > -- Alejandro Fanjul Fdez. alex.fan...@gmail.com www.mhproject.org --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to web2py@googlegroups.com To unsubscribe from this group, send email to web2py+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
