PILOS icon indicating copy to clipboard operation
PILOS copied to clipboard
verified publisher icon THM-Health

Password confirmation for critical pages

Open dsst95 opened this issue 5 years ago • 1 comments

Is your feature request related to a problem? Please describe. Currently the settings and own profile can be modified if the user is logged in and for some reason another person gets access to the opened application.

Describe the solution you'd like This should be prevented by adding a password confirmation for critical pages, so before executing actions like updating the own users profile or other application settings the user must input his password. What also should be considered is a too long opened page after the password confirmation, e.g. the own profile page. In this case on save the user should reconfirm his password.

Describe alternatives you've considered No alternatives.

Additional context A possible solution was removed in 9a4433c due to missing checks.

dsst95 avatar Nov 24 '20 13:11 dsst95

Password confirmation for actions on own profile have been added in #304

samuelwei avatar Mar 09 '23 17:03 samuelwei