Checked for duplicates
Yes - I've already checked
Alternatives considered
Yes - and alternatives don't suffice
Related problems
No response
Describe the feature request
Add a new page to /configure: Users
- The Users pages has a table with the following columns:
- Username, Email, Role, Created At, Last Active, Actions
- Actions are: Reset Password, Delete
Reset Password Page:
To avoid using emails and such clients, password resets will work like this:
- Admins and only Admins can create password reset links to give to users. This would grant admins the ability to change users passwords on their behalf as well (which is fine given they already have access to the deployment and db).
- Reset links use a long hashed token, expire after a period of time and are one time use.
- Admins are reminded to send the link securely to users.
- The Admin cannot change the admin password this way.
- If the Admin forgets their password, there shall be an ENV variable that resets the password on server start.
This all is primarily when the env AUTH=local
Checked for duplicates
Yes - I've already checked
Alternatives considered
Yes - and alternatives don't suffice
Related problems
No response
Describe the feature request
Add a new page to /configure: Users
Reset Password Page:
To avoid using emails and such clients, password resets will work like this:
This all is primarily when the env AUTH=local