path: root/elm
diff options
authorYorhel <>2019-10-03 13:33:04 +0200
committerYorhel <>2019-10-03 15:08:56 +0200
commit0965af5fd74cf53503bb7ae0262d31c25f894385 (patch)
tree771bb390d19521bce14874ca2c55fb3ba51bce56 /elm
parent97bfe01c28df6df181aa3fa6e4e9cecd983efb11 (diff)
SQL: Add session types + use sessions for password reset tokens
This improves the password reset workflow a bit. The users.passwd field is now no longer used for reset tokens, meaning that the current password isn't affected until the user actually clicks the link and changes it. It is now also possible to have multiple active password reset tokens, in case one of the emails got lost. All existing tokens are invalidated when the user finally changes their password. Tokens are now valid for at most 1 week instead of indefinitely.
Diffstat (limited to 'elm')
0 files changed, 0 insertions, 0 deletions