httpauth_feature_parity_with_passwordauth: a bit more thinking
Signed-off-by: intrigeri <intrigeri@boum.org>master
parent
02da7ec599
commit
e81c59748e
|
@ -1,5 +1,8 @@
|
|||
The only way to have a private ikiwiki, with a shared user database for static pages and CGI authentication, is to use [[plugins/httpauth]]. It would be good for httpauth to be on par with [[plugins/passwordauth]],
|
||||
i.e. to allow registering users, resetting passwords, and changing passwords; supporting some kind of
|
||||
The only way to have a private ikiwiki, with a shared user database
|
||||
for static pages and CGI authentication, is to use
|
||||
[[plugins/httpauth]]. It would be good for httpauth to be on par with
|
||||
[[plugins/passwordauth]], i.e. to allow registering users, resetting
|
||||
passwords, and changing passwords; supporting some kind of
|
||||
`account_creation_password` configuration option would be nice, too.
|
||||
|
||||
I'll probably propose patches implementing this at some point.
|
||||
|
@ -8,4 +11,18 @@ the relevant passwordauth code, instead of rewriting it completely in httpauth.
|
|||
|
||||
-- [[intrigeri]]
|
||||
|
||||
Well, on such a private wiki, one can neither register herself nor
|
||||
reset his password: the registration page, as any other page, would be
|
||||
forbidden to non-authenticated users. Admin users should then be
|
||||
enabled to:
|
||||
|
||||
- register a new user
|
||||
- reset someone else's password
|
||||
|
||||
In both cases, a brand new random password is sent by e-mail to the
|
||||
new user.
|
||||
|
||||
An authenticated user should nevertheless be able to change his
|
||||
own password. -- [[intrigeri]]
|
||||
|
||||
[[wishlist]]
|
||||
|
|
Loading…
Reference in New Issue