Skip to content

Allow server admins to reset internal user passwords #1128

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: dev
Choose a base branch
from
Open

Allow server admins to reset internal user passwords #1128

wants to merge 4 commits into from

Conversation

adrianeastles
Copy link
Contributor

@adrianeastles adrianeastles commented Jul 25, 2025
edited
Loading

Community Contribution License Agreement

By creating this pull request, I grant the project maintainers an unlimited,
perpetual license to use, modify, and redistribute these contributions under any terms they
choose, including both the AGPLv3 and the Fossorial Commercial license terms. I
represent that I have the right to grant this license for all contributed content.

Description

This introduces essential administrative capabilities for user account management. Server administrators can now reset passwords for internal users through a new password reset feature in the admin interface. The implementation includes a dedicated API endpoint for secure password reset operations, enhanced backend logic for password generation and validation, and updated frontend components in the admin user management table.

How to test?

  1. Navigate to Admin Interface

    • Go to AdminUsers
    • Locate an internal user in the users table

  2. Initiate Password Reset

    • Click on the user row to open user details
    • Click the "Reset Password" button
    • Confirm the action in the dialog that appears

  3. Handle Password Reset

    • If SMTP is enabled: Check the user's email for the password reset link
    • If SMTP is disabled: The password reset link will be displayed on screen for you to copy
    • Use the provided link to access the password reset page
    • Enter a new password and confirm it

  4. Verify Success

    • Confirm the password reset was successful
    • Test logging in with the new password
    • Verify the old password no longer works

Screenshots

Screenshot 2025-07-25 at 8 54 05 pm Screenshot 2025-07-25 at 8 54 10 pm Screenshot 2025-07-25 at 8 54 15 pm

@adrianeastles
- Add API endpoint POST /admin/user/{userId}/password for server admins
d664eb2 
- Create AdminPasswordReset component with email/manual link options
- Integrate password reset into admin user detail pages
- Add translation keys for internationalization (EN-US-ONLY)
- Support both email sending and manual link generation"
@adrianeastles
Fixed dark mode issue
41054cd
@adrianeastles
Aligned password reset time with current standards in other places.
c588128
@adrianeastles
Added password reset functionality to API keys
87da1eb 
Add POST /v1/user/{userId}/password endpoint with API key authentication.
Supports both email and non-email modes, restricted to internal users only.
@adrianeastles adrianeastles marked this pull request as ready for review July 25, 2025 13:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@adrianeastles