Bare-bones self-serve password reset interface.
Notifications via action/trigger infrastructure - requires "hostname"
parameter for the event definition.
Provides localized minimal HTML reset request / reset forms.
OU settings for maximum number of concurrent reset requests per user, request
time to live, and maximum concurrent requests for the system (this last is
currently unused but will be the basis of throttling)
TODO:
* Add a "Forgot your password?" link from OPAC login screen to https://<hostname>/password/<locale>
* Implement request throttling
* Disable access to the password forms via unencrypted HTTP
* Add OU setting to choose "barcode + email" authentication type over "barcode or user name"
* Add OU setting to support the option of preventing staff from using this interface to reset their passwords
* Add Dojo spice to the sad but functional HTML forms
git-svn-id: svn://svn.open-ils.org/ILS/branches/rel_1_6@16121
dcc99617-32d9-48b4-a31d-
7c20da2025e4
projects / working / Evergreen.git / commit