Which means the user will only be able to reset their password, and not sign-in.
Once the user resets the password the user state is set to active once more.
If the link is used a second time they will be redirected to the index page with a message
that the link in the email is not longer valid.
Refactored the forms so that fields like email_address can be used in multiple forms.
Refactored form validation so that a query function is passed into the form to be run, this
way the form is not exposed to the dao layer and the query is more efficient.
This PR still requires some frontend attention. Will work with Chris to update the templates.
Found a way to create the token that does not need to persist it to the database.
This requires proper error messages, written by people who speak menglis good.
Start implementation for new-password endpoints.
Created PasswordResetToken model
ToDo: create and save token, send valid url to user,
check validity of token, update user's password, redirect to /two-factor.
For pages where
- we want you to be sure that you want to do what you’re about to do
- we want to be sure it’s you trying to do the thing
This adds a page that asks the user to confirm their password.
Adds the pages and wires them together, so that it’s possible to click
through them.
The wording is not quite English, but attempts to be an rough description of
what the consequences are for each of the four actions.
- adds a table of recent activity to the job page, which is shared by the
dashboard page
- uses the same filename and message template as the first job shown on the
dashboard
- sets the time of file uploads/message delivery/message sending to always
match ‘just now’
Having the full history of the message is more information than is necessary.
We should only show what stage the message is at, and the time that it reached
that stage.
We can do research later on to find out if users understand or care about the
different stages.
- adds a table of recent activity to the job page, which is shared by the
dashboard page
- uses the same filename and message template as the first job shown on the
dashboard
- sets the time of file uploads/message delivery/message sending to always
match ‘just now’
These are basic tests to make sure that the pages stay stitched together.
Added for both the jobs and send SMS flows (because the send SMS flow didn’t
have any before)
This mocks out a data structure for a job’s messages, and renders this data:
- on the notification page, as a table, which links through to…
- …the page for an indidivual message
