view mod_password_reset/README.markdown @ 5511:0860497152af

mod_http_oauth2: Record hash of client_id to allow future verification RFC 6819 section 5.2.2.2 states that refresh tokens MUST be bound to the client. In order to do that, we must record something that can definitely tie the client to the grant. Since the full client_id is so large (why we have this client_subset function), a hash is stored instead.
author Kim Alvefur <zash@zash.se>
date Fri, 02 Jun 2023 10:14:16 +0200
parents 660160fe97fa
children
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
summary: 'Enables users to reset their password via a link'
rockspec:
  build:
    copy_directories:
    - password_reset
...

Introduction
============

This module allows users to reset their password via a simple link to a web page.

Reset links may be generated by an admin through their XMPP client using the ad-hoc
command that this module provides. Alternatively other modules may reuse this module
to generate links and e.g. send them via email to the user directly.

A link is only valid for a single reset, and expires after a duration (24 hours by default).

This module depends on Prosody's internal webserver.

Compatibility
=============

  ----- -------
  0.10  Works
  ----- -------
  trunk Works
  ----- -------