You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@allura.apache.org by Dave Brondsema <da...@brondsema.net> on 2019/05/20 16:00:21 UTC
[allura:tickets] #8287 Backfill all previous_login_details - NEEDS SCRIPT
---
** [tickets:#8287] Backfill all previous_login_details - NEEDS SCRIPT**
**Status:** in-progress
**Milestone:** unreleased
**Created:** Mon May 20, 2019 04:00 PM UTC by Dave Brondsema
**Last Updated:** Mon May 20, 2019 04:00 PM UTC
**Owner:** Dave Brondsema
With [#8278] `previous_login_details` started getting stored and backfilled after successful logins. With [#8279] to check for strong enough passwords during login, it relies on checking `previous_login_details` to know what kind of password reset to do, but `previous_login_details` might not be populated yet. So we should have a script to backfil that field for everyone so we can rely on it.
---
Sent from forge-allura.apache.org because dev@allura.apache.org is subscribed to https://forge-allura.apache.org/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at https://forge-allura.apache.org/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.
[allura:tickets] #8287 Backfill all previous_login_details - NEEDS SCRIPT
Posted by Kenton Taylor <kt...@slashdotmedia.com>.
- **status**: review --> closed
---
** [tickets:#8287] Backfill all previous_login_details - NEEDS SCRIPT**
**Status:** closed
**Milestone:** unreleased
**Created:** Mon May 20, 2019 04:00 PM UTC by Dave Brondsema
**Last Updated:** Tue May 21, 2019 06:54 PM UTC
**Owner:** Dave Brondsema
With [#8278] `previous_login_details` started getting stored and backfilled after successful logins. With [#8279] to check for strong enough passwords during login, it relies on checking `previous_login_details` to know what kind of password reset to do, but `previous_login_details` might not be populated yet. So we should have a script to backfil that field for everyone so we can rely on it.
---
Sent from forge-allura.apache.org because dev@allura.apache.org is subscribed to https://forge-allura.apache.org/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at https://forge-allura.apache.org/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.
[allura:tickets] Re: #8287 Backfill all previous_login_details - NEEDS SCRIPT
Posted by Dave Brondsema <da...@brondsema.net>.
Yes, although its only really necessary if you want to enable the `auth.hibp_failure_force_pwd_change` setting. That new setting checks partial password hashes against https://haveibeenpwned.com/Passwords and forces affected users to change their password.
(And the "NEEDS SCRIPT" in the ticket title will help us remember to include specific instructions when we make a release changelog).
---
** [tickets:#8287] Backfill all previous_login_details - NEEDS SCRIPT**
**Status:** review
**Milestone:** unreleased
**Created:** Mon May 20, 2019 04:00 PM UTC by Dave Brondsema
**Last Updated:** Tue May 21, 2019 05:23 PM UTC
**Owner:** Dave Brondsema
With [#8278] `previous_login_details` started getting stored and backfilled after successful logins. With [#8279] to check for strong enough passwords during login, it relies on checking `previous_login_details` to know what kind of password reset to do, but `previous_login_details` might not be populated yet. So we should have a script to backfil that field for everyone so we can rely on it.
---
Sent from forge-allura.apache.org because dev@allura.apache.org is subscribed to https://forge-allura.apache.org/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at https://forge-allura.apache.org/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.
[allura:tickets] Re: #8287 Backfill all previous_login_details - NEEDS SCRIPT
Posted by Ingo <in...@gmx.net>.
I think, I didn't get it, yet. Will I need to run this script at the next
Allura upgrade?
---
** [tickets:#8287] Backfill all previous_login_details - NEEDS SCRIPT**
**Status:** review
**Milestone:** unreleased
**Created:** Mon May 20, 2019 04:00 PM UTC by Dave Brondsema
**Last Updated:** Tue May 21, 2019 05:23 PM UTC
**Owner:** Dave Brondsema
With [#8278] `previous_login_details` started getting stored and backfilled after successful logins. With [#8279] to check for strong enough passwords during login, it relies on checking `previous_login_details` to know what kind of password reset to do, but `previous_login_details` might not be populated yet. So we should have a script to backfil that field for everyone so we can rely on it.
---
Sent from forge-allura.apache.org because dev@allura.apache.org is subscribed to https://forge-allura.apache.org/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at https://forge-allura.apache.org/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.
[allura:tickets] #8287 Backfill all previous_login_details - NEEDS SCRIPT
Posted by Dave Brondsema <da...@brondsema.net>.
- **status**: in-progress --> review
- **Comment**:
db/8287
`paste script path/to/your.ini allura/scripts/backfill_previous_login_details.py` Or run with task manager `allura.scripts.backfill_previous_login_details.BackfillPreviousLoginDetails`
---
** [tickets:#8287] Backfill all previous_login_details - NEEDS SCRIPT**
**Status:** review
**Milestone:** unreleased
**Created:** Mon May 20, 2019 04:00 PM UTC by Dave Brondsema
**Last Updated:** Mon May 20, 2019 04:00 PM UTC
**Owner:** Dave Brondsema
With [#8278] `previous_login_details` started getting stored and backfilled after successful logins. With [#8279] to check for strong enough passwords during login, it relies on checking `previous_login_details` to know what kind of password reset to do, but `previous_login_details` might not be populated yet. So we should have a script to backfil that field for everyone so we can rely on it.
---
Sent from forge-allura.apache.org because dev@allura.apache.org is subscribed to https://forge-allura.apache.org/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at https://forge-allura.apache.org/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.