Merge lp:~twom/canonical-identity-provider/confirm-password-before-changing into lp:canonical-identity-provider/release
Proposed by
Tom Wardill
Status: | Merged |
---|---|
Approved by: | Tom Wardill |
Approved revision: | no longer in the source branch. |
Merge reported by: | Otto Co-Pilot |
Merged at revision: | not available |
Proposed branch: | lp:~twom/canonical-identity-provider/confirm-password-before-changing |
Merge into: | lp:canonical-identity-provider/release |
Diff against target: |
338 lines (+98/-8) 6 files modified
src/identityprovider/forms.py (+18/-2) src/identityprovider/tests/sso_server/test_home_page.py (+1/-0) src/identityprovider/tests/test_forms.py (+23/-3) src/identityprovider/tests/test_views_server.py (+3/-1) src/webui/templates/widgets/passwords.html (+15/-0) src/webui/tests/test_views_account.py (+38/-2) |
To merge this branch: | bzr merge lp:~twom/canonical-identity-provider/confirm-password-before-changing |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Daniel Manrique (community) | Approve | ||
Maximiliano Bertacchini | Approve | ||
Review via email: mp+360817@code.launchpad.net |
Commit message
Add a confirm password box to the edit account details screen.
Description of the change
Adds a confirm password box to the edit account details screen, required for changing any account details (email, display name, password, 2fa options).
As the password boxes are handled by a mixin, allow the mixin to take a parameter, as we don't want a 'forgotten password' reset to require the password that you just forgot.
To post a comment you must log in.
LGTM, with a couple of nitpicks. Ran locally and tested:
- Create account - new password and new password confirmation are required as usual.
- Edit account - current password confirmation is required as expected.
- Edit account - POST with no "oldpassword" correctly validated server-side.
- Forgot password - no current password is requested.
Would be great to hear a second opinion, just in case. Thanks!