Mercurial > prosody-modules

view mod_password_reset/README.markdown @ 5796:93d6e9026c1b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Do not enforce PKCE on Device and OOB flows PKCE does not appear to be used with the Device flow. I have found no mention of any interaction between those standards. Since no data is delivered via redirects in these cases, PKCE may not serve any purpose. This is mostly a problem because we reuse the authorization code to implement the Device and OOB flows.
author Kim Alvefur <zash@zash.se>
date Fri, 15 Dec 2023 12:10:07 +0100
parents 660160fe97fa
children
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
summary: 'Enables users to reset their password via a link'
rockspec:
  build:
    copy_directories:
    - password_reset
...

Introduction
============

This module allows users to reset their password via a simple link to a web page.

Reset links may be generated by an admin through their XMPP client using the ad-hoc
command that this module provides. Alternatively other modules may reuse this module
to generate links and e.g. send them via email to the user directly.

A link is only valid for a single reset, and expires after a duration (24 hours by default).

This module depends on Prosody's internal webserver.

Compatibility
=============

  ----- -------
  0.10  Works
  ----- -------
  trunk Works
  ----- -------