@mattab opened this Issue on January 14th 2019 Member

To ensure Super Users are really the people they claim to be, when a Super User attempts to sign in for the first time after a long break (eg. one year?) then we ask the Super User to re-validate their email address by clicking on a link.

Idea from twitter: https://twitter.com/simonw/status/1084601178954944512

sec

@simivar commented on April 1st 2019 Contributor

I could pick up and prepare PR for that issue.

I was thinking about making two new settings in .ini config: boolean revalidate_superusers_password to toggle the feature (default to 1) and integer revalidate_superusers_password_after with default set to 365.

I see that there is already last_seen option that can be used for that but what about users that don't have last_seen? I see that could happen in two situations:

  • if somebody never logged in: then we should look at registration time and re-validate e-mail address if it was >= revalidate_superusers_password_after.
  • if someone updated Matomo from a version that did not have last_seen saved: do you maybe know how long ago it was added? Is it something I should worry about? If so, what to do?

What do you think about that approach?
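The decision logic sketched in the comment above, as an added example rather than Matomo's own code: it reads the two proposed .ini settings and falls back to the registration time when last_seen is missing. The setting names come from the comment; the .ini fragment, the user fields and the fail-closed behaviour when neither timestamp exists are assumptions.

```python
import configparser
from datetime import datetime, timedelta, timezone
from typing import Optional, Tuple

# Constructed .ini fragment using the two settings proposed in the comment.
CONFIG_INI = """
[General]
revalidate_superusers_password = 1
revalidate_superusers_password_after = 365
"""


def load_settings(ini_text: str) -> Tuple[bool, int]:
    """Return (feature enabled, inactivity threshold in days) from the config."""
    cfg = configparser.ConfigParser()
    cfg.read_string(ini_text)
    enabled = cfg.getboolean("General", "revalidate_superusers_password", fallback=True)
    days = cfg.getint("General", "revalidate_superusers_password_after", fallback=365)
    return enabled, days


def needs_email_revalidation(
    is_superuser: bool,
    last_seen: Optional[datetime],
    registered_at: Optional[datetime],
    now: datetime,
    enabled: bool,
    days: int,
) -> bool:
    """Decide whether this sign-in must first re-validate the user's email."""
    # Only Super Users are subject to the check, and only if the setting is on.
    if not is_superuser or not enabled:
        return False
    # Edge case 1 (never logged in) and edge case 2 (last_seen not stored by an
    # older version) both fall back to the registration time.
    reference = last_seen or registered_at
    if reference is None:
        # Assumption: with no usable timestamp at all, fail closed and require
        # re-validation rather than silently granting access.
        return True
    return now - reference >= timedelta(days=days)
```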

@tsteur commented on April 1st 2019 Member

Wonder if we even need a setting or could just revalidate after 1 year or 6 months or so?

@tsteur commented on April 1st 2019 Member

Something to keep in mind though that makes this flow a bit buggy is that we don't validate an email address when adding an account. So the super user email may not actually exist and can therefore not be validated afterwards. It should be an edge case though and we could just have an FAQ explaining how to change the email address or so in the DB.
