On Mon, Mar 20, 2017 at 10:34 PM, Isura Karunaratne <is...@wso2.com> wrote:
> Hi Dinali, > > On Mon, Mar 20, 2017 at 10:05 PM Sagara Gunathunga <sag...@wso2.com> > wrote: > >> >> >> On Mon, Mar 20, 2017 at 7:22 PM, Hasanthi Purnima Dissanayake < >> hasan...@wso2.com> wrote: >> >> Hi Dinali, >> >> *There are two main concerns that am bothering about,* >> >> 1. *When the user clicks the link, I think we can redirect to the >> change password page in user portal. Is this fine or Do we need to use a >> custom page for that?* >> >> IMO redirecting to the change password page in user portal is fine here >> as this is an actual password reset. (Not a temporary pass code) >> >> > In IS6.0.0 we can create HTML based email templates, we better to support > a button in the email rather than a email link. In this way we can get rid > of printing confirmation codes in http access logs since we can pass the > confirmation code in post body. > > We have to follow this approach for self signup and account recovery > features as well. > > >> 2. *I think we need to lock the account of that >> user Until he adds a password. Is this necessary?* >> >> +1. I think the account should be locked until the user sets a password. >> >> As those features are already implemented in IS 5.3.0 it is better if we >> can study the existing behaviors as well. >> >> > I think we don't need to lock the user in ask password flow. The password > should be a auto generated one and none knows the password at time of > creating the user. > Hi Isura, According to the redmine description " send a one time password update link to the given email address". To me it means like,user will be setting the password by visiting the link which comes in the email..No generation of password from admin side.Please correct me if i'm wrong. Thanks, Thanks > Isura. > >> >> Thanks, >> >> >> >> Hasanthi Dissanayake >> >> Software Engineer | WSO2 >> >> E: hasan...@wso2.com >> M :0718407133| http://wso2.com <http://wso2.com/> >> >> On Mon, Mar 20, 2017 at 5:53 PM, Dinali Dabarera <din...@wso2.com> wrote: >> >> Hi All, >> >> I am going to implement User Onboarding - Ask Password with email >> verification according to the User story [1].The wire-frame given by the UX >> team is [2]. >> >> According to these, >> >> *In admin side,* >> >> - The admin creates a user and put his email and click on Add user. >> - Then an email is sent to the user's given email address. >> - The admin will redirect to the List user page. >> >> *In users side*, >> >> - The user will get a link to set a password. >> - The User can click on it and add a password. >> >> *There are two main concerns that am bothering about,* >> >> 1. *When the user clicks the link, I think we can redirect to the >> change password page in user portal. Is this fine or Do we need to use a >> custom page for that?* >> 2. *I think we need to lock the account of that user Until he adds a >> password. Is this necessary?* >> >> >> [1] https://redmine.wso2.com/issues/5749 >> [2]https://github.com/wso2-dev-ux/product-is/blob/master/ >> Wireframes/admin-portal/v3/3.5%20Add%20user%20with%20email% >> 20verification.png >> >> >> Please pay more attention on UX design, it is not just graphical >> arrangements you have to wear user's hat and see what is the experience >> from that side. >> >> - Instead of just "Domain" can't we use something like "Select a domain >> to add new user" ? >> >> - Helper texts are missing in UIs. >> >> - "Select Method " does not make any sense to me. >> >> - "E-mail" - > Enter the e-mail address of new user and it's important >> to have helper text here explaining what system going to do with provided >> e-mail >> >> >> >> Thanks ! >> >> >> Thank you! >> >> -- >> *Dinali Rosemin Dabarera* >> Software Engineer >> WSO2 Lanka (pvt) Ltd. >> Web: http://wso2.com/ >> Email : gdrdabar...@gmail.com >> LinkedIn <https://lk.linkedin.com/in/dinalidabarera> >> Mobile: +94770198933 <+94%2077%20019%208933> >> >> >> >> >> <https://lk.linkedin.com/in/dinalidabarera> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> -- >> Sagara Gunathunga >> >> Associate Director / Architect; WSO2, Inc.; http://wso2.com >> V.P Apache Web Services; http://ws.apache.org/ >> Linkedin; http://www.linkedin.com/in/ssagara >> Blog ; http://ssagara.blogspot.com >> >> _______________________________________________ >> Architecture mailing list >> Architecture@wso2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> > -- > > *Isura Dilhara Karunaratne* > Senior Software Engineer | WSO2 > Email: is...@wso2.com > Mob : +94 772 254 810 <+94%2077%20225%204810> > Blog : http://isurad.blogspot.com/ > > > > > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Denuwanthi De Silva Senior Software Engineer; WSO2 Inc.; http://wso2.com, Email: denuwan...@wso2.com Blog: https://denuwanthi.wordpress.com/
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
