Feature request: add forgot-your-password option #221
Comments
|
This would involve getting into this whole sending email thing and so far we tried to avoid it. But we also think about sending reminder emails to participants for longitudinal studies and then we definitely need emails. I hope you can wait. It's not the highest priority. |
|
Sure, I just wanted to put it on the radar! |
|
you could consider offloading auth to a service like keycloak, or providing it as an option. |
|
keycloak has its uses but its an independent running service with some kind of HTTP interface. To keep installation and administration of JATOS simple I'd prefer to have authentication part of the application. There are libraries like pac4j or Spring Security that do this in the Java world. Right now I'm looking into this topic again. The planned public API for JATOS needs some kind of authentication. Maybe now it's time to switch to one of the libraries. |
|
yeah, my bad. i'd gotten the impression that keycloak was entirely client-side (the same way firebase can be) ... but you're right, it requires you to deploy something server side. |
Right now if you forget your password there seems to be no other option then asking the admin to reset it for you and mail you the new password. It would be convenient to have a 'Forgot your password?' link on the login page which would result in sending a link (by email) to the user with the option to reset the password. (Just like most site have, basically.)
The text was updated successfully, but these errors were encountered: