Password update feature

adam_beers · November 6, 2016, 11:16pm

I think there should be a password update feature, instead of just the option to send an email under preferences.

I’ve created a Discourse Android app and one of the big features that I need is a password update/reset option via http JSON.

codinghorror · November 7, 2016, 5:46am

This is not currently on our roadmap in any form.

adam_beers · November 7, 2016, 8:37am

What does it take to get a feature added or on a roadmap?

sam · November 7, 2016, 9:24am

App should use user API like the official app does. Not sure why the app would really deal with passwords

fefrei · November 7, 2016, 9:28am

Independently of his use case, I think that it’s really strange that you cannot change your password without a mail-based reset. I cannot think of any popular service that does this…

codinghorror · November 7, 2016, 1:04pm

Why is that strange? It’s the “enter your password again before we allow you to change your password” step. In this case your password is that you control the current email address. If you don’t, you won’t be able to change the password, whereas if we let anybody with a valid login cookie change the password…

fefrei · November 7, 2016, 1:05pm

But I cannot enter my password, I have to receive an email?

codinghorror · November 7, 2016, 1:07pm

Think of it as two factor auth.

fefrei · November 7, 2016, 1:10pm

Wait, let me count again…

control over mail address

Sorry, I cannot find the second factor

codinghorror · November 7, 2016, 1:20pm

The second factor is the new password you will set or the cookie you already hold, yes?

fefrei · November 7, 2016, 1:21pm

Either way, not allowing the classical three-box password change ritual feels weird – almost no service omits it.

blake · November 7, 2016, 1:30pm

The extra security is a +1 in my book.

adam_beers · November 7, 2016, 6:24pm

I’m not aware of the official app. Is it Android based? Where is it? Is it the “work in progress” app that I stumbled upon in another thread here, in github.com/discourse?

Falco · November 7, 2016, 6:36pm

https://github.com/discourse/DiscourseMobile/tree/master

adam_beers · November 8, 2016, 12:07am

So, this is the same app that I looked at previously. The ReactActivity is new to me. Never seen it before and a quick search didn’t reveal much beyond references to facebook. Can someone help me understand it? Doesn’t seem like a standard app. I can’t follow it but that’s just because the ReactActivity is new to me.

I have a beautiful app for Android that I’ve created. I’m happy to show anyone who wants to help test it also.

Attached a screenshot.

adam_beers · November 8, 2016, 5:50pm

Sam, could you explain the “user API like the official app does”? How does the official app do a sign-in?

Topic		Replies	Views
Is there an API for changing a password? dev	6	4220	November 6, 2016
Why Doesn't Discourse Have a "Confirm Password" Section During The Signup Process? feature	5	1230	January 9, 2018
Received password reset email though I didn’t request one? support	15	2008	November 28, 2023
Require password to access admin panel feature	4	982	August 12, 2017
When resetting password, ask user to confirm feature	9	1338	October 22, 2015

Password update feature

Related Topics