view mod_adhoc_account_management/README.markdown @ 5550:4fda06be6b08

mod_http_oauth2: Make note about handling repeated RFC 6749 states > If an authorization code is used more than once, the authorization > server MUST deny the request and SHOULD revoke (when possible) all > tokens previously issued based on that authorization code. We should follow the SHOULD. The MUST is already covered by removing the code state from the cache.
author Kim Alvefur <zash@zash.se>
date Fri, 16 Jun 2023 00:10:46 +0200
parents 4d73a1a6ba68
children
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
summary: Personal account management command
...

Introduction
============

This module adds an ad-hoc command that lets an user change their
password. This is useful for clients that don't have support for
[XEP-0077](http://xmpp.org/extensions/xep-0077.html) style password
changing. In the future, it may provide other account management
commands.

Configuration
=============

    modules_enabled = {
        -- other modules --
        "adhoc_account_management",

    }

    close_sessions_on_password_change = true
    require_current_password = true
    require_confirm_password = true

  Option                                  Default   Description
  --------------------------------------- --------- ----------------------------------------------------------------
  close\_sessions\_on\_password\_change   true      Changing password invalidates other sessions the user may have
  require\_current\_password              true      Add a field for the current password
  require\_confirm\_password              true      Add a field for confirming the current password

Todo
====

Suggestions welcome,