[keycloak-dev] Reset Password changes complete needs review
Bill Burke
bburke at redhat.com
Thu Aug 20 17:08:14 EDT 2015
On 8/20/2015 10:05 AM, Stian Thorgersen wrote:
> If it makes it easier I think sending a recover password link, but not loging-in the user afterwards is fine.
>
I implemented it so that after you type in the username for Forgot
Password, it brings you to the login screen with a message "You should
receive an email with instructions to reset your credentials". Clicking
on the link in the email allows you to log in.
I added a fork() method that clones the current ClientSession and resets
it to follow the browser login flow. This is called in the email
authenticator. I couldn't get around introducing another SPI method.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list