Details
-
Type:
New Feature
-
Status:
Resolved
-
Priority:
Critical
-
Resolution: Fixed
-
Version/s: None
-
Labels:
Description
Upstream BOINC is changing how email changes as handled, including a notification sent to the old address and a seven-day period when the change may be undone. We should implement something similar.
It should be possible to use the upstream BOINC implementation and attach our Drupal UI to the functionality.
This issue is not directly related to the GDPR work, DBOINCP-426, but is it is a prerequisite to some of the tasks, such as user deletion.
Issue Links
- Depends on
-
DBOINCP-441 Update to web code breaks creation of new users
-
- is related to
-
DBOINCP-426 GDPR compliance
-
- relates to
-
DBOINCP-448 Password reset oddities
-
GitHub PR 2453 was recently merged. This contains a token mechanism that we can use for one-time links. It would be great to use this for secure email changes.
Update: In order to use this code, we must update the BOINC webcode in html/.