Improve documentation of password reset feature.
このコミットが含まれているのは:
コミット
a9932a1675
|
@ -110,7 +110,7 @@ func passwordResetLinkPostHandler(w http.ResponseWriter, r *http.Request) {
|
|||
return
|
||||
}
|
||||
if tokens[0] != name {
|
||||
execTemplate(w, "error.html", "Wrong!")
|
||||
execTemplate(w, "error.html", "Wrong answer(s).")
|
||||
removeLineStartingWith(pwResetPath, urlPart)
|
||||
return
|
||||
}
|
||||
|
@ -121,7 +121,7 @@ func passwordResetLinkPostHandler(w http.ResponseWriter, r *http.Request) {
|
|||
if "" != tokensUser[2] &&
|
||||
nil != bcrypt.CompareHashAndPassword([]byte(tokensUser[3]),
|
||||
[]byte(r.FormValue("secanswer"))) {
|
||||
execTemplate(w, "error.html", "Wrong!")
|
||||
execTemplate(w, "error.html", "Wrong answer(s).")
|
||||
removeLineStartingWith(pwResetPath, urlPart)
|
||||
return
|
||||
}
|
||||
|
|
|
@ -1,16 +1,23 @@
|
|||
{{ template "header" }}
|
||||
<form method="post" action="passwordreset">
|
||||
<fieldset>
|
||||
<legend>Reset password</legend>
|
||||
<legend>Request password reset</legend>
|
||||
|
||||
<div>
|
||||
<label for="name">Name</label>
|
||||
<input type="text" id="name" name="name" maxlength="140" required />
|
||||
<label for="name">Account whose login to reset</label>
|
||||
<input type="text" id="name" name="name" />
|
||||
|
||||
<hr />
|
||||
|
||||
<p>To reset the password for an account, an e-mail address <a href="/accountsetmail">must have been set</a> for it. The request here will be answered with an e-mail to the address which contains nothing but a randomized URL pointing back to a page on this server.</p>
|
||||
<p>Said page will only be available for a limited time. It will ask for the account name, a new password (must be entered twice), and, if a security question <a href="/accountsetquestion">has been set</a> for the account in question, an answer to that. The new password will only be set when the account name given there is the same given here, and, if a security question was set for that account, the answer is the one previously defined for it. Wrong answers will remove the temporary account reset page at once. A new one can be requested here then.</p>
|
||||
<p>Note that clicking the button below will always redirect you to this site's start page – no matter whether the server actually sends out a password reset link for any account or not.</p>
|
||||
|
||||
</div>
|
||||
|
||||
<hr />
|
||||
|
||||
<button type="submit">Request password reset</button>
|
||||
<button type="submit">Request</button>
|
||||
</fieldset>
|
||||
</form>
|
||||
{{ template "footer" }}
|
||||
|
|
読み込み中…
新しいイシューから参照