2008-12-23 00:13:12 +01:00
|
|
|
The only way to have a private ikiwiki, with a shared user database
|
|
|
|
|
for static pages and CGI authentication, is to use
|
|
|
|
|
[[plugins/httpauth]]. It would be good for httpauth to be on par with
|
|
|
|
|
[[plugins/passwordauth]], i.e. to allow registering users, resetting
|
|
|
|
|
passwords, and changing passwords; supporting some kind of
|
2008-10-20 01:19:24 +02:00
|
|
|
`account_creation_password` configuration option would be nice, too.
|
|
|
|
|
|
|
|
|
|
I'll probably propose patches implementing this at some point.
|
|
|
|
|
I've not had a single look at the code yet, but it may be nice to factorize
|
|
|
|
|
the relevant passwordauth code, instead of rewriting it completely in httpauth.
|
|
|
|
|
|
|
|
|
|
-- [[intrigeri]]
|
|
|
|
|
|
2008-12-23 00:13:12 +01:00
|
|
|
Well, on such a private wiki, one can neither register herself nor
|
|
|
|
|
reset his password: the registration page, as any other page, would be
|
|
|
|
|
forbidden to non-authenticated users. Admin users should then be
|
|
|
|
|
enabled to:
|
|
|
|
|
|
|
|
|
|
- register a new user
|
|
|
|
|
- reset someone else's password
|
|
|
|
|
|
|
|
|
|
In both cases, a brand new random password is sent by e-mail to the
|
|
|
|
|
new user.
|
|
|
|
|
|
|
|
|
|
An authenticated user should nevertheless be able to change his
|
|
|
|
|
own password. -- [[intrigeri]]
|
|
|
|
|
|
2008-10-20 01:19:24 +02:00
|
|
|
[[wishlist]]
|
