[RCD] Ticket #1484558 - Patch to allow a user to change passwords

J. Javier Maestro roundcube-devel at nosys.es
Tue Jan 8 03:24:32 CET 2008

Hi all!

I am new to the list, so here goes a BIG FAT THANKS to all of you guys doing
all this hard work so we can enjoy a nice, clutter-free webmail. Kudos! :)

Now, I just set up a simple postfix+dovecot+postgres virtual-domain mail
server, and I want the users of this setup to be able to change their
passwords without "bothering me" :)

I checked the available tickets first, and found out that there is at least
one ticket (#1484558) that asks for pretty much the same stuff that I wanted,
so I decided to code it and see if you want it into the tree.

I uploaded my patch to TRAC, and I am sending the patch and my comment posted
there by email simply for redundancy's sake :)

--- Posted to TRAC, http://trac.roundcube.net/ticket/1484558 ---

   PATCH: (against rev. 950)
   My patch implements a simple RPC dialog so that admins can set a nice URL
   in the main.config via a new config variable
   ($rcmail_config['change_password_rpc']) pointing to where the
   change-password requests will be POSTed from the simple GUI form.
   I have added a tab called 'Passwords' in the 'Personal Settings', showing
   the so-common form with username, old pass, new pass and confirm pass. I
   also show the IMAP server, in case this information could be relevant to
   the admin changing the password.
   By letting the user choose the username, a user with more than one
   identity can change all the passwords easily. In any case, in a further
   patch, it would be good to limit the username field to only the identities
   of the user.
   I have also added an example file of an RPC similar to one I use to change
   my user passwords in my setup described above. I have added it to the SVN
   tree so that the diff showed it nicely, but surely this should only be in
   an examples folder, as it is not RC job to do all that.
   I have tried to code everything following the RC style, but no-one is
   perfect. Please tell me if I should change files around, etc.
       * Limit the username field to only the identities of the user.
       * Add one of those "password strength meters" to the form so that
         users can see when their passwords are crap weak :)
       * Clean up the RPC part and generalize it so that more backends
         (such as the one requested in this ticket) can be plugged in. 


As a side note, I think that this functionality could be generalised into a
core component for password changing so that RC could play nicely with other
RPCs indicating the password encoding scheme, etc. Perhaps, it could be
generalised into a "plugin" architecture, where the plugins could talk RPC to
other web services :-?  I will go and see if you guys have stuff published on
your wiki about the plugin architecture :)

Anyways, hope you find it useful!


J. Javier Maestro  <jjmaestro at nosys.es>
Socio Consultor   -    Nosys AJjV S.L.

 --- 8< --- detachments --- 8< ---
 The following attachments have been detached and are available for viewing.
 Only click these links if you trust the sender, as well as this message.
 --- 8< --- detachments --- 8< ---

-------------- next part --------------
List info: http://lists.roundcube.net/dev/

More information about the Dev mailing list