Opened 10 years ago
Last modified 9 months ago
#2543 new defect
Allow users to change account password
Reported by: | scythetwirler | Owned by: | |
---|---|---|---|
Priority: | Should Have | Milestone: | Alpha 27 |
Component: | Multiplayer lobby | Keywords: | beta |
Cc: | Dunedan | Patch: | Phab:D5039 |
Description
Users should be able to change their passwords without contacting a lobby mod.
Change History (15)
comment:1 by , 10 years ago
comment:3 by , 10 years ago
User account management in general would be a good thing. I like the idea of having an optional email associated with the account, for password resets (it's going to be ridiculous how many people forget their password, if it's not already). Maybe it doesn't all have to be done in the game, if the server has a web interface for account management. People might want to delete their account as well.
I guess every new feature will add security concerns, but they would exist and should be solved anyway.
follow-up: 5 comment:4 by , 10 years ago
Hmm I'm wondering if we could link them with the forums this way if you have an issue with the game you can connect with your login in the forums. And what about a trac account. This would lead us to have one big database instead of three, and if we limit the inscriptions to the forums and to the game, we will have no more spammers on the trac.
comment:5 by , 10 years ago
Replying to stanislas69:
Hmm I'm wondering if we could link them with the forums this way if you have an issue with the game you can connect with your login in the forums. And what about a trac account. This would lead us to have one big database instead of three, and if we limit the inscriptions to the forums and to the game, we will have no more spammers on the trac.
Something similar was considered during the last website update (#1108), but as I recall, integrating the different systems was too much work for too little benefit, so that never went anywhere. There are probably more advantages to keeping the registrations separate than combining them. (Spammers on Trac can be mitigated with a captcha plugin, it's a matter of someone doing the work)
comment:6 by , 10 years ago
Milestone: | Alpha 17 → Backlog |
---|
comment:7 by , 9 years ago
Owner: | removed |
---|
comment:8 by , 7 years ago
Keywords: | essential added |
---|
comment:9 by , 7 years ago
Keywords: | essential removed |
---|
comment:10 by , 7 years ago
Keywords: | beta added |
---|
comment:11 by , 7 years ago
https://wiki.xmpp.org/web/Password_retrieval makes me kind of doubtful that there's a xmpp implementation...
comment:12 by , 7 years ago
Perhaps https://www.ejabberd.im/mod_register_web would work, but emailing association with accounts seems like it would require custom work: https://www.ejabberd.im/node/3612
comment:13 by , 7 years ago
https://xmpp.org/extensions/xep-0077.html#usecases-changepw
and purging accounts that haven't been used (last-login date) for some amount of time such as 6 months, or 1 year.
comment:14 by , 20 months ago
Cc: | added |
---|
Allowing lobby users to change their password should be straight forward. As leper already mentioned, 0ad uses inband registration (XEP-0077) for account registration and that also offers password changing functionality. gloox supports that (https://camaya.net/api/gloox-1.0.24/classgloox_1_1Registration.html#a3a742df8a42c9d1fe068b7cab9c88412), so implementing it should require just some glue code and the UI for it.
comment:15 by , 9 months ago
Milestone: | Backlog → Alpha 27 |
---|---|
Patch: | → Phab:D5039 |
mod = moderator ?