Page MenuHomePhabricator
Differential D20673

Record account recovery email links in the user activity log and make the mail message reference the log
ClosedPublic
Actions

Authored by epriestley on Jul 19 2019, 10:05 PM.
Tags
None
Referenced Files
F18374939: D20673.id49319.diff
Thu, Aug 28, 9:20 AM
F18374761: D20673.id49300.diff
Thu, Aug 28, 9:11 AM
F18374166: D20673.diff
Thu, Aug 28, 8:26 AM
F18373487: D20673.diff
Thu, Aug 28, 7:39 AM
F18371131: D20673.id49300.diff
Thu, Aug 28, 4:42 AM
F18371079: D20673.id.diff
Thu, Aug 28, 4:37 AM
F18370696: D20673.id49319.diff
Thu, Aug 28, 4:08 AM
F18308741: D20673.diff
Sun, Aug 24, 3:05 AM
View All Files
Subscribers
None

Details

Reviewers
amckinley
Maniphest Tasks
T13343: Make "Send a login link to your email address" email include why it was sent to avoid confusion
Commits
rP60db658d52c4: Record account recovery email links in the user activity log and make the mail…
Summary

Depends on D20672. Ref T13343. When a user requests an account access link via email:

  • log it in the activity log; and
  • reference the log in the mail.

This makes it easier to ban users misusing the feature, provided they're coming from a single remote address, and takes a few steps down the pathway toward a button in the mail that users can click to report the action, suspend account recovery for their account, etc.

Test Plan
  • Requested an email recovery link.
  • Saw request appear in the user activity log.
  • Saw a reference to the log entry in the mail footer.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

Diff 49319

View Options

src/__phutil_library_map__.php

Loading...
View Options

src/applications/auth/controller/PhabricatorEmailLoginController.php

Loading...
View Options

src/applications/people/mail/PhabricatorPeopleMailEngine.php

Loading...
View Options

src/applications/people/userlog/PhabricatorEmailLoginUserLogType.php

Loading...
Phabricator · Built by Phacility