Refactor password reset link domain flow#13209
Open
erikbocks wants to merge 3 commits into
Codecov Report❌ Patch coverage is
Additional details and impacted files
@@ Coverage Diff @@
## main #13209 +/- ##
==========================================
Coverage 18.08% 18.09%
- Complexity 16718 16730 +12
==========================================
Files 6037 6037
Lines 542611 542803 +192
Branches 66433 66465 +32
==========================================
+ Hits 98136 98224 +88
- Misses 433448 433530 +82
- Partials 11027 11049 +22
Description
Currently, when a user tries to reset their password, an email is sent with a link that leads to a page where the user can redefine their password. However, this link uses the first value of the `host` configuration as the Management Server's domain. For some environments, it may not be interesting to expose the Management Server's IP in the URL.
In order to fix this, the Management Server's domain definition workflow was refactored. Now, the request's domain is obtained. Then, GUI themes whose common names match the request's domain are fetched (the common name being a wildcard or the domain itself). If a theme is found, the request's domain is used for the password reset link.
Nevertheless, if no theme is found, the value of the `user.password.reset.mail.domain.url` global configuration is obtained. If the configuration has a defined value, it is used as the email's domain. But, if no value is defined, the current behavior is maintained and the first IP address of the `host` configuration is used.
With the refactoring, logs were also added to the domain selection process, allowing an easier troubleshooting process.
Types of changes
Feature/Enhancement Scale or Bug Severity
Feature/Enhancement Scale
Screenshots (if appropriate):
How Has This Been Tested?
Without any GUI theme and the `user.password.reset.mail.domain.url` set as `null`, I requested a password reset link. Then, I validated that the `host` configuration's first IP was used, and the right protocol and port were set automatically.
Management's IP test
Then, I set the `user.password.reset.mail.domain.url` configuration to another domain and requested a new password reset link. After checking the email, it was possible to observe that the configuration's value was used.
Configuration test
At last, I created a GUI theme with a common name and also mapped it to my local `/etc/hosts` file. I used the configured common name to access the application login page, and requested a password reset link. When I received it, it was possible to observe that the reset link's domain was the GUI theme's configured common name.
GUI theme test
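The selection order described in this pull request, sketched as an added example that is not code from the pull request or the project. The function names, the wildcard semantics (one leftmost label, as in TLS certificates), the comma-separated `host` value and all sample values are assumptions. Because the request's domain is client-supplied, it is used only when a GUI theme common name matches it.

```python
import logging

log = logging.getLogger("reset_link_domain")  # hypothetical logger name

def normalize_host(host_header):
    """Lower-case the request host and drop any port and trailing dot."""
    host = host_header.strip().lower()
    if host.startswith("["):                      # bracketed IPv6 literal
        return host[1:host.find("]")] if "]" in host else ""
    return host.split(":", 1)[0].rstrip(".")

def common_name_matches(common_name, host):
    """Exact match, or '*.example.com' covering exactly one extra label."""
    cn = common_name.strip().lower().rstrip(".")
    if not cn or not host:
        return False
    if cn.startswith("*."):
        suffix = cn[1:]                           # ".example.com"
        label = host[:-len(suffix)] if host.endswith(suffix) else ""
        return bool(label) and "." not in label   # label boundary enforced
    return cn == host

def select_reset_domain(request_host, theme_common_names, configured_url, host_setting):
    """Return (domain, source) following the order given in the description."""
    host = normalize_host(request_host)
    # 1. The request's domain is trusted only if a GUI theme vouches for it.
    for cn in theme_common_names:
        if common_name_matches(cn, host):
            log.debug("theme common name %r matched request domain %r", cn, host)
            return host, "gui-theme"
    # 2. Otherwise the user.password.reset.mail.domain.url value, if defined.
    if configured_url and configured_url.strip():
        log.debug("no theme matched %r; using configured domain", host)
        return configured_url.strip(), "configuration"
    # 3. Otherwise the first value of the host configuration (current behavior).
    first = host_setting.split(",")[0].strip()
    log.debug("no theme or configured domain; using first host value %r", first)
    return first, "host-setting"

if __name__ == "__main__":
    themes = ["*.example.com"]                    # constructed sample data
    for req in ("Portal.Example.com:8443", "unknown.test", "a.b.example.com"):
        print(req, "->", select_reset_domain(req, themes, "reset.example.org", "10.0.0.5,10.0.0.6"))
```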