Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added API to reset forgotten password #274

Merged
merged 10 commits into from
Jul 18, 2024
Merged

Added API to reset forgotten password #274

merged 10 commits into from
Jul 18, 2024

Conversation

lukaskabc
Copy link
Collaborator

Mail server configuration is now required to start the application [code link].

@gitguardian GitGuardian
Copy link

gitguardian bot commented Jul 17, 2024
edited
Loading

⚠️ GitGuardian has uncovered 8 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

Since your pull request originates from a forked repository, GitGuardian is not able to associate the secrets uncovered with secret incidents on your GitGuardian dashboard.
Skipping this check run and merging your pull request will create secret incidents on your GitGuardian dashboard.

🔎 Detected hardcoded secrets in your pull request
GitGuardian id GitGuardian status Secret Commit Filename
- - Generic High Entropy Secret e2b5992 src/test/java/cz/cvut/kbss/termit/persistence/dao/PasswordChangeRequestDaoTest.java View secret
- - Generic High Entropy Secret e2b5992 src/test/java/cz/cvut/kbss/termit/persistence/dao/PasswordChangeRequestDaoTest.java View secret
- - Generic High Entropy Secret 2a3c6b5 src/test/java/cz/cvut/kbss/termit/persistence/dao/PasswordChangeRequestDaoTest.java View secret
- - Generic High Entropy Secret 79ad742 src/test/java/cz/cvut/kbss/termit/persistence/dao/PasswordChangeRequestDaoTest.java View secret
- - Generic High Entropy Secret 2a3c6b5 src/test/java/cz/cvut/kbss/termit/persistence/dao/PasswordChangeRequestDaoTest.java View secret
- - Generic High Entropy Secret e2b5992 src/test/java/cz/cvut/kbss/termit/persistence/dao/PasswordChangeRequestDaoTest.java View secret
- - Generic High Entropy Secret 79ad742 src/test/java/cz/cvut/kbss/termit/persistence/dao/PasswordChangeRequestDaoTest.java View secret
- - Generic High Entropy Secret e2b5992 src/test/java/cz/cvut/kbss/termit/persistence/dao/PasswordChangeRequestDaoTest.java View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secrets safely. Learn here the best practices.
  3. Revoke and rotate these secrets.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

ledsoft
ledsoft requested changes Jul 18, 2024
View reviewed changes
Copy link
Contributor

@ledsoft ledsoft left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See the inline comments.

src/main/java/cz/cvut/kbss/termit/dto/PasswordChangeDto.java Outdated Show resolved Hide resolved
src/main/java/cz/cvut/kbss/termit/persistence/dao/PasswordChangeRequestDao.java Outdated Show resolved Hide resolved
src/main/java/cz/cvut/kbss/termit/rest/PasswordChangeController.java Show resolved Hide resolved
src/main/java/cz/cvut/kbss/termit/rest/PasswordChangeController.java Outdated Show resolved Hide resolved
src/main/java/cz/cvut/kbss/termit/service/business/PasswordChangeService.java Outdated Show resolved Hide resolved
src/main/java/cz/cvut/kbss/termit/service/business/PasswordChangeService.java Outdated Show resolved Hide resolved
src/main/java/cz/cvut/kbss/termit/service/mail/Postman.java Outdated Show resolved Hide resolved
...main/java/cz/cvut/kbss/termit/service/repository/PasswordChangeRequestRepositoryService.java Outdated Show resolved Hide resolved
src/main/java/cz/cvut/kbss/termit/service/repository/UserRepositoryService.java Show resolved Hide resolved
@ledsoft
Copy link
Contributor

ledsoft commented Jul 18, 2024

Also, please always link the PR to the issue it resolves.

@ledsoft
Copy link
Contributor

ledsoft commented Jul 18, 2024

Implements kbss-cvut/termit-ui#332.

@lukaskabc lukaskabc force-pushed the lukaskabc/password-reset branch from 105e027 to 2096440 Compare July 18, 2024 09:31
@lukaskabc lukaskabc force-pushed the lukaskabc/password-reset branch from 2096440 to 79ad742 Compare July 18, 2024 09:36
@ledsoft ledsoft linked an issue Jul 18, 2024 that may be closed by this pull request
Proper password recovery kbss-cvut/termit-ui#332
Closed
@lukaskabc lukaskabc requested a review from ledsoft July 18, 2024 11:15
ledsoft
ledsoft approved these changes Jul 18, 2024
View reviewed changes
Copy link
Contributor

@ledsoft ledsoft left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ledsoft ledsoft merged commit de199dc into kbss-cvut:development Jul 18, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ledsoft ledsoft ledsoft approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Proper password recovery
2 participants
@lukaskabc @ledsoft