Error message shown if email not exits#113
Error message shown if email not exits#113Mihir-solanki-13 wants to merge 1 commit intoBitByte-TPC:masterfrom
Conversation
|
@Mihir-solanki-13 IMO we don't need a separate endpoint just to check if an email exists or not (from both design and security perspectives as it would allow anyone to hit that endpoint with an email address to check if that email is registered on the site or not). And, what you're assuming as a missing functionality is actually a security feature in Django framework because otherwise, anyone could go on the password reset page to check if an email address is registered on the site or not. And it's true for every website, you would never find a serious application that reveals this information about its users. Instead, they all just say that if the email address is registered on the application, you will get a password reset link soon, otherwise you won't. So, I would suggest not to add this enhancement to the Alumni site. |
2 participants
[Feature] Error Handling for Password Reset Email
This pull request adds error-handling functionality to the password reset feature. Previously, if a user entered an incorrect email or if the email did not exist, they were redirected to the next page without any notification.
With this change, if the user enters the wrong email or the email does not exist in the system, an error message is displayed, and the user is prevented from proceeding to the next page.
Changes made:
This enhancement improves the user experience by providing clear feedback and preventing unnecessary redirects in case of incorrect email inputs.