view mod_adhoc_account_management/README.markdown @ 5513:0005d4201030

mod_http_oauth2: Reject duplicate form-urlencoded parameters Per RFC 6749 section 3.1 > Request and response parameters MUST NOT be included more than once. Thanks to OAuch for pointing out Also cleans up some of the icky behavior of formdecode(), like returning a string if no '=' is included.
author Kim Alvefur <zash@zash.se>
date Fri, 02 Jun 2023 11:03:57 +0200
parents 4d73a1a6ba68
children
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
summary: Personal account management command
...

Introduction
============

This module adds an ad-hoc command that lets an user change their
password. This is useful for clients that don't have support for
[XEP-0077](http://xmpp.org/extensions/xep-0077.html) style password
changing. In the future, it may provide other account management
commands.

Configuration
=============

    modules_enabled = {
        -- other modules --
        "adhoc_account_management",

    }

    close_sessions_on_password_change = true
    require_current_password = true
    require_confirm_password = true

  Option                                  Default   Description
  --------------------------------------- --------- ----------------------------------------------------------------
  close\_sessions\_on\_password\_change   true      Changing password invalidates other sessions the user may have
  require\_current\_password              true      Add a field for the current password
  require\_confirm\_password              true      Add a field for confirming the current password

Todo
====

Suggestions welcome,