Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Password reset Cleaner text #6319

Merged
merged 4 commits into from
Mar 23, 2017
Merged

Password reset Cleaner text #6319

merged 4 commits into from
Mar 23, 2017

Conversation

MartinSchoeler
Copy link
Contributor

@MartinSchoeler MartinSchoeler commented Mar 10, 2017
edited
Loading

@RocketChat/core

Related to #6229 (comment)

screenshot from 2017-03-10 14-24-44

@engelgabriel engelgabriel temporarily deployed to rocket-chat-pr-6319 March 10, 2017 17:27 Inactive
@engelgabriel engelgabriel added this to the 0.54.0 milestone Mar 10, 2017
sampaiodiego
sampaiodiego requested changes Mar 10, 2017
View reviewed changes
Copy link
Member

@sampaiodiego sampaiodiego left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this cannot close #6229 because the register/login button label bug was not fixed

also, this is now warning the user if the e-mail address was not found on database which is feature I think we would like to keep.

karlprieb
karlprieb suggested changes Mar 10, 2017
View reviewed changes
server/methods/sendForgotPasswordEmail.js Outdated
@@ -5,6 +5,9 @@ Meteor.methods({
email = email.trim();

const user = RocketChat.models.Users.findOneByEmailAddress(email);
if (!user) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you can use an else in the if below, it will check for user once one time.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That shouldn’t be there, my bad.

@engelgabriel engelgabriel temporarily deployed to rocket-chat-pr-6319 March 10, 2017 19:53 Inactive
@alexbrazier
Copy link
Contributor

As an alternative to this, some websites send an email to the address you enter either giving you instructions to reset your password if the account exists, or sends you an email saying that you haven't registered with the email.
I think this is a good way of doing it because it means you are not waiting for an email that will never come if you don't have an account, and it is not a security issue because you will only be told if an account exists for an email if you own the email.

E.g.
image

@rodrigok
Copy link
Member

I liked the @alexbrazier idea

@MartinSchoeler
Copy link
Contributor Author

@karlprieb @sampaiodiego Could you do a review of this pr again? I have already did the changes

@engelgabriel engelgabriel temporarily deployed to rocket-chat-pr-6319 March 21, 2017 19:38 Inactive
rodrigok
rodrigok approved these changes Mar 21, 2017
View reviewed changes
Copy link
Member

@rodrigok rodrigok left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's better than the current message

@MartinSchoeler MartinSchoeler changed the title Password reset More clear text Password reset Cleaner text Mar 21, 2017
@rodrigok
Copy link
Member

@sampaiodiego What do you think?

@engelgabriel engelgabriel modified the milestones: 0.54.0, 0.55.0 Mar 22, 2017
@rodrigok rodrigok modified the milestone: 0.55.0 Mar 23, 2017
@rodrigok rodrigok merged commit 914e260 into develop Mar 23, 2017
@rodrigok rodrigok deleted the password-reset-invalid-email branch March 23, 2017 20:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rodrigok rodrigok rodrigok approved these changes

@sampaiodiego sampaiodiego sampaiodiego approved these changes

@karlprieb karlprieb karlprieb approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.55.0
Development

Successfully merging this pull request may close these issues.
6 participants
@MartinSchoeler @alexbrazier @rodrigok @sampaiodiego @karlprieb @engelgabriel