view mod_adhoc_account_management/README.markdown @ 5448:9d542e86e19a

mod_http_oauth2: Allow requesting a subset of scopes on token refresh This enables clients to request access tokens with fewer permissions than the grant they were given, reducing impact of token leak. Clients could e.g. request access tokens with some privileges and immediately revoke them after use, or other strategies.
author Kim Alvefur <zash@zash.se>
date Thu, 11 May 2023 21:40:09 +0200
parents 4d73a1a6ba68
children
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
summary: Personal account management command
...

Introduction
============

This module adds an ad-hoc command that lets an user change their
password. This is useful for clients that don't have support for
[XEP-0077](http://xmpp.org/extensions/xep-0077.html) style password
changing. In the future, it may provide other account management
commands.

Configuration
=============

    modules_enabled = {
        -- other modules --
        "adhoc_account_management",

    }

    close_sessions_on_password_change = true
    require_current_password = true
    require_confirm_password = true

  Option                                  Default   Description
  --------------------------------------- --------- ----------------------------------------------------------------
  close\_sessions\_on\_password\_change   true      Changing password invalidates other sessions the user may have
  require\_current\_password              true      Add a field for the current password
  require\_confirm\_password              true      Add a field for confirming the current password

Todo
====

Suggestions welcome,