[openstreetmap/openstreetmap-website] Require current password before accepting a new password (#2144)

Andy Allan notifications at github.com
Sat Feb 16 14:07:53 UTC 2019

> Sure we should probably improve it, but because the authentication and settings stuff is a complete clusterfsck it will be a massive amount of work and should probably only be tackled once that is sorted or we'll just break everything.

Yes, I think the best approach would be to move to Devise, and then work on these problems there. For example, in another project we recently required changing emails to a) send a warning to the existing email address and b) also send confirmation link to the new email address. These are just configuration settings in devise, we didn't need to write code for any of that.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20190216/ad95bc0b/attachment.html>

More information about the rails-dev mailing list