diff options
Diffstat (limited to 'doc/todo/httpauth_feature_parity_with_passwordauth.mdwn')
-rw-r--r-- | doc/todo/httpauth_feature_parity_with_passwordauth.mdwn | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/doc/todo/httpauth_feature_parity_with_passwordauth.mdwn b/doc/todo/httpauth_feature_parity_with_passwordauth.mdwn new file mode 100644 index 000000000..eb71cf840 --- /dev/null +++ b/doc/todo/httpauth_feature_parity_with_passwordauth.mdwn @@ -0,0 +1,28 @@ +The only way to have a private ikiwiki, with a shared user database +for static pages and CGI authentication, is to use +[[plugins/httpauth]]. It would be good for httpauth to be on par with +[[plugins/passwordauth]], i.e. to allow registering users, resetting +passwords, and changing passwords; supporting some kind of +`account_creation_password` configuration option would be nice, too. + +I'll probably propose patches implementing this at some point. +I've not had a single look at the code yet, but it may be nice to factorize +the relevant passwordauth code, instead of rewriting it completely in httpauth. + +-- [[intrigeri]] + +Well, on such a private wiki, one can neither register herself nor +reset his password: the registration page, as any other page, would be +forbidden to non-authenticated users. Admin users should then be +enabled to: + +- register a new user +- reset someone else's password + +In both cases, a brand new random password is sent by e-mail to the +new user. + +An authenticated user should nevertheless be able to change his +own password. -- [[intrigeri]] + +[[wishlist]] |