Skip to content

[BB-2290] Add password recovery

Boros Gábor requested to merge agrendalath/bb-2290-password_recovery into master

Created by: Agrendalath

This adds django-rest-passwordreset, which provides API for resetting password and adds the password recovery workflow to the new Ocim frontend.

Testing instructions:

  1. Checkout this branch.
  2. Run Ocim (inside vagrant with make run.dev).
  3. Go to frontend/ and build the new API client with ./scripts/build-api-client.sh
  4. Run the new frontend: npm start.
  5. Create a new account in console.
  6. Go to the Login page and click on I forgot my password.
  7. Test the following:
    1. non-email value,
    2. non-existing value,
    3. existing value.
  8. The last one from the previous point will output an email in the terminal that runs Ocim. Optionally you can copy the whole email and create HTML file from it to check that it looks correctly.
  9. Copy the reset link from an email and paste into the browser. Try the following things on the password reset page:
    1. non-matching passwords,
    2. non-correct passwords,
    3. correct passwords.
  10. After changing the password, you should be redirected to the login page with an appropriate success alert.
  11. Use the copied link again and see that it's not valid anymore.

Reviewers:

Merge request reports