Need to provide “lost password?” interface and workflow #478
Comments
|
Made a skeleton for this interface in branch One thing to note: If user account emails are not unique then this process might be buggy. If a user has 3 different accounts registered with the same email address, then which account do they want to do the password reset for? |
|
The unique emails thing is an important point. It is also an issue for the lookup by email address we currently do for setting event collaborators. @nbaertlein can you comment on the unique email address question? I feel like we have discussed this in the past and may have actively decided to allow duplicates, but that does have some negative implications. What is your thinking? CC: @JChipault |
|
Perhaps we could only allow 1 active (is_active = true) email? An email can be used to create an account only if there's no matching active email. This was discussed to accommodate situations in which a small organization (like a rehab facility) has a primary email account, but staff may change. To allow for this though, we'd need a mechanism for an individual to "delete" and account, which we'd then only mark as inactive. |
|
Ok, so to restate as a rule: Email address must be unique for active user accounts ( To accommodate this we will need to add an interface for a user to Delete an account (or perhaps we call it "Deactivate" since that is actually what is happening). Reactivating an account would require intervention from a WHISPers administrator since there could potentially be a collision of email addresses. But we could create an interface for that re-activation request, or just leave it up to the general whispers email address and list that among the reasons to contact WHISPers staff in the FAQ and/or Contact tabs of the info dialog box. @nbaertlein @JChipault Sound right? |
No description provided.
The text was updated successfully, but these errors were encountered: