-
-
Notifications
You must be signed in to change notification settings - Fork 63
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
User should be able to delete his account even with no password set #104
Comments
Yes, it's a security flaw and jetstream by default requires a password to delete an account, so I've kept that functionality. The code may be modified to include the check for the feature, but the requirement of a password should still be present |
for my clarification, this means until Jetstream supports deleting without password, socialstream will not support deleting of password-less users either? ie. if I want to allow password-less users to delete their account, I will need to take this up with jetstream maintainers? semi-related I want to even make it possible to disable setting a password entirely on a team aka domain level, so that organizations can force the use of SSO. |
@lsmith77, yes the team at Laravel are responsible for disabling deleting an account without a password. They may publish a file on install, that you can override, but I can't guarantee it. RE your SSO questions, is it not enough to just hide the forms with a condition?
|
yeah but I then also need to add some logic to the controller to check this. will have to see how I can do this somewhat cleanly. kinda wish that socialstream would be seen as part of jetstream core. |
ah .. looks like I am digging up old “wounds” with my above statement as I just found laravel/jetstream#444 I will look into this a bit more on the jetstream side to see what sort of extension points might be needed to make this work cleanly. if I have any findings (ie. ideally a PR) you will seen it soon enough. |
@lsmith77 Yup, don't go there... 😢😂 |
Is there a specific reason for the following modification?
old
new
The text was updated successfully, but these errors were encountered: