Users should be able to reset their password using the web UI.
Old issue: https://github.com/TheThingsIndustries/lorawan-stack/issues/1123
Because not all users are comfortable with the API or CLI
We have the CreateTemporaryPassword
RPC in the UserRegistry
service. HTTP binding is POST /api/v3/users/{user_ids.user_id}/temporary_password
. This needs to be called with the user ID and Email Address. A successful call results in an email being sent to the user with a temporary password that the can only use to reset their password with the UpdatePassword
RPC in the UserRegistry
service.
The following screens in the Web UI of the Identity Server:
Assigning @pgalic96 since he was already assigned to the original issue. Please discuss with @kschiffer the design. I propose to implement it in a (new) "account" React app that will also have the screen I discussed in #265. Note that the user does not need to be logged in for the screens proposed in this issue. Also note that these must not be implemented in the Console, since the Console must never have access to the user's password.
A "Forgot Password" screen where the user has to enter their username and email in order to receive a temporary password.
Should it be username and email or just e-mail?
cc @kschiffer
It actually only works with username right now, so let's start with that.
I think that people are better at remembering their email address than their user name, so please file an issue to be able to (only) specify their email address.
I propose to implement it in a (new) "account" React app that will also have the screen I discussed in #265.
Isn't the OAuth react app already the "account" app you're describing here, @htdvisser?
Most helpful comment
I think that people are better at remembering their email address than their user name, so please file an issue to be able to (only) specify their email address.