I want to be able to send a users username and password when a user is creating anoter user in Devise. When say, admin creates a new user. A welcome mail should go with his username and password. The catch is it should only happen for users created by admin and other users should get regular devise confirmation mail. It will be greated if we are able to skip confirmation for users created by admin alone. Any ideas?
Related
We have a web app (SPA Angular app talking to a .Net Core Web API) which uses Auth0 as the authentication server.
Now, I'm not sure if this would be an "invite flow" or "invite-only flow", or something else, but basically, a user will go to our web app, and create an account on our system. Our API then creates an Auth0 account for this user using the Auth0 Management API. This user is then considered the Administrator. She can then create as many users as she wants for her staff. For each user she creates, our API creates an Auth0 user using the Management API.
Since, as far as I'm aware, a user must be assigned a password at the moment of creation (i.e. you cannot create a user without a password), the administrator must pick a password for each user she creates.
Additionally, each time a user is created, Auth0 automatically sends out an email to that user asking them to verify their email address. When the user follows this link, it takes them to the Auth0 login screen where they have to fill in their email address and password.
My problem is that, unless the administrator tells them what password she picked for them, there's no way of them knowing.
My question is: is there a way to defer picking a password until the user logs in for the first time? So, when the administrator creates the user, she doesn't pick a password. Then, upon the user's first login, they pick their own password.
Alternatively, if a password MUST be set at the moment of creating the user, could this password be displayed to the user in the email verification email? I would essentially treat this as a temporary password, as I would also require the user to change their password upon first logon in this case.,
Thanks
I have implemented password expiry for my website. If a user has an expired password, then I would like to redirect the user to a specific form where I then resend a random password.
To do this, I have:
setup a form with a WebQuerySave agent that changes the password using the AdminP ChangeHTTPPassword method
set the custom form to load in the domcfg database
made the form a public access form, and the agent runs on behalf of an admin account
The issue I have, is that the user appears to get stuck in a loop of wanting the password changed (names.nsf?ChangePassword) and will not even let me redirect the user to complete a new form from that will then kick off the password reset etc. This includes a link to my password reminder page that sends the user their password.
These are external users, and I am using directory assistance. I do not use the ID vault here.
Is it possible to get out of this loop?
If not, then is it possible to add an agent to run when the standard password reset works?
On appfuse (http://appfuse.org/display/APF/Demos), an Administrator can add users. When adding a new user, the administrator can set "Password Hint" for the user being added, but not the user's actual password. When the user comes to login, how will the user know his exact password, my question is?
When administrator add some user, they only filled the the password hint.
And the password will be sent to user's email that has been registered.
In Lotus Domino, when user submits the login form, we need to intercept user's username and password and relogin him/her to Domino with another username and password, according to his/her input username and password.
Is it possible?
You will need a custom login and Access it with a URL: /names.nsf?login&Redirectto=/myDb.nsf/loginredirect?OpenForm
In the loginredirect user would be logged in with the username he enters. You will have to RELOG in with the another user. see http://dominounlimited.blogspot.co.il/2008/07/automated-login-to-domino-by-http-post.html
It is possible to do this in domino but it requires you to write a DSAPI filter, which can be complicated. DSAPI filter allowes you to validate the password and go around dominos password validation.
A easier solutions is to have another authentication server which logs in the user to domino, this will involve letting the authentication server doing a POST of the login form to domino and then give the session cookie to the user.
I am using Active Admin in my Rails Application. I have been able to set it up and use default user but I cannot add new User. When I go to Add New Admin User it lets me put in a username but never sends the email to setup a password. How does Active Admin send the default email out of a development configuration to be able to setup a password for my users?
Active Admin, by default, uses Devise for authentication. If you enable :confirmable it'll email that user to verify the creation of their account. You can read details on enabling :confirmable on an existing setup here: https://github.com/plataformatec/devise/wiki/How-To%3a-Add-%3aconfirmable-to-Users