Reviewers
Request review
No reviewers
Labels
Clear labels
Related to the REST API
Code running on the server
Stuff related to Federation
Related to the front-end
Translations, and related code
More about project management or code than the project itself
The building, or installation process of Plume
Something isn't working
We need to talk
New feature or request
This is a new feature
Compatibility with different browsers, readers and OS
Related to an external package that Plume uses
UI/UX related issues and PRs
Good for newcomers
Extra attention is needed
Issues affecting only mobile UX
How elements're rendered out for the end user
Something else needs to be fixed first
This issue or pull request already exists
This PR is not complete yet
Issues concern a limited number of instances
This doesn't seem right
Need to be discussed by the community (on Loomio)
This PR is ready to be reviewed
Proposed ideas worth considering
This is issue has been created after a vote on Loomio
This will not be worked on
Apply labels
A: API
Related to the REST API
A: Backend
Code running on the server
A: Federation
Stuff related to Federation
A: Front-End
Related to the front-end
A: I18N
Translations, and related code
A: Meta
More about project management or code than the project itself
A: Security
Build
The building, or installation process of Plume
C: Bug
Something isn't working
C: Discussion
We need to talk
C: Enhancement
New feature or request
C: Feature
This is a new feature
Compatibility
Compatibility with different browsers, readers and OS
Dependency
Related to an external package that Plume uses
Design
UI/UX related issues and PRs
Documentation
Good first issue
Good for newcomers
Help welcome
Extra attention is needed
Mobile
Issues affecting only mobile UX
Rendering
How elements're rendered out for the end user
S: Blocked
Something else needs to be fixed first
S: Duplicate
This issue or pull request already exists
S: Incomplete
This PR is not complete yet
S: Instance specific
Issues concern a limited number of instances
S: Invalid
This doesn't seem right
S: Needs Voting/Discussion
Need to be discussed by the community (on Loomio)
S: Ready for review
This PR is ready to be reviewed
Suggestion
Proposed ideas worth considering
S: Voted on Loomio
This is issue has been created after a vote on Loomio
S: Wontfix
This will not be worked on
No Label
A: API
A: Backend
A: Federation
A: Front-End
A: I18N
A: Meta
A: Security
Build
C: Bug
C: Discussion
C: Enhancement
C: Feature
Compatibility
Dependency
Design
Documentation
Good first issue
Help welcome
Mobile
Rendering
S: Blocked
S: Duplicate
S: Incomplete
S: Instance specific
S: Invalid
S: Needs Voting/Discussion
S: Ready for review
Suggestion
S: Voted on Loomio
S: Wontfix
Milestone
Set milestone
Clear milestone
No items
No Milestone
Assignees
Assign users
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.
No due date set.
Dependencies
No dependencies set.
Reference: Plume/Plume#448
Reference in New Issue
There is no content yet.
Delete Branch 'password-reset'
Deleting a branch is permanent. It CANNOT be undone. Continue?
No
Yes
There is now a link on the login page if you forgot your password. It redirects you to a page asking your email address. An email containing a password reset link will be sent to this address if someone registered with this address. The link is only valid for 15 minutes.
I used the
lettre
crate for mail finally since I didn't find a way to set a subject withmailstrom
(which is very weird). It also allowed me to implement a debug mail sender, that can be enabled with--feature debug-mailer
and that will log mails instead of actually sending them.I should also document the new configuration options for the mail server.Done (but I can still modify it again if you don't like the current approach)Fixes #298
Codecov Report
Codecov Report
I haven't tested it yet, just made some observations on the code. Most comments are code-style, so this is mostly good
you should reorder imports so all
feature=debug
and allnot(feature=debug)
are segregated, it'll make thinks easier to read and maintainThe ideal may be to have 2 private mods, one
debug
and onerelease
(or whatever), and re-export only the one enabledMaybe this would be more at it's place in plume-model than in plume itself?
@ -101,3 +105,140 @@ pub fn delete(mut cookies: Cookies) -> Redirect {
}
I think this statement could be made into a single function in
src/mails.rs
(or wherever it move), which take in parameter subject and content, so it can be easily reused later if we send other kinds of mails (moderation warnings or whatever when it will get implemented)15 minutes seems shorts, I'd advise something like 1 or 2 hours instead, mails can be long to transmit
to prevent the
State<...>
from growing up in memory (basically be a memory leak), you should filter and eliminate old entries either with the internal scheduler, or somewhere like hereyou should check if there haven't already be a link sent recently, otherwise one might use it to spam a user by sending them many reset links
Apparently letter won't compile on Archlinux, it requires an old version of openssl that Arch don't provide. I'll spin up a debian vm this afternoon to actually test the code, and try to fix this with upstream
that's 24 minutes, not 24 hours
that's 2 minutes, not 2 hours
You should maintain the lock instead of locking and unlocking many times
I think using ! .any(|x|...) would be easier to read
you should remove before checking if there is already an entry, otherwise one asking for a second reset link after, says, 12 hours, won't get it's mail. Also this mean the vec is cleaned only when a valid request is made, so if nobody else request a password reset, one wont ever get unlocked
Instead of building a Vec, then "substracting" if from the one stored, building directly the right one and mem::replace-ing it seems easier to read, and don't require to enable another feature
snippet :
Oops looks like I don't know how time is working 😬
I can't because I need to borrow it both mutably and immutably and Rust won't let me do that. But maybe there is a solution to do it I didn't find?
I've removed a lot of code, but here is a poc of how I would do it (and some other things, trashing old things sooner and don't use the feature) https://play.rust-lang.org/?version=nightly&mode=debug&edition=2018&gist=2c32af184c99ff62ee99f94aa2e4fa13
Sadly I can't compile this branch so I can't give you a clean commit, but it should put you on the right track
(I found a better way to do it, see the link to the playground)
and again, that's 2.4 hours
why is math so hard? why are there no
as_minutes()
andas_hours()
functions?!??👍
It doesn't seems to compile with debug-mailer on
Something should also be added in the documentation regarding new environment variables
Already done 😁, see https://docs.joinplu.me/environment/ and https://docs.joinplu.me/installation/config/
Mb, I did not check it before. I think however Docker documentation should be updated, as it says only 2 vars need changes, whereas MAIL_* do too
Reviewers
a2b9d7ec44
.Step 1:
From your project repository, check out a new branch and test the changes.Step 2:
Merge the changes and update on Forgejo.