Velusamy Velu:
-- I'm alredy know that link. I implemented my password reset based on your workflow.
But there again is the same Problem (for me actually, perhaps due to my implementation). If a letter is removed from the hashed token standing in the URL, and then just hit ENTER, the exact page reloads ( with the prompt for new password and retype new password ). In that case when submitting, nothing happens, because the token does not match the Token already stored in the DB, but like I said before, the page reloads, displaying the GUI, and it shoudn't do that.
luni, 6 iunie 2016, 14:47:47 UTC+3, Olar Andrei a scris:
luni, 6 iunie 2016, 14:47:47 UTC+3, Olar Andrei a scris:
Hello,For now my aplication (MVP) has a login page, and 2 other palces, the AdminPlace and the UserPlace.My URL looks like this:The login form consists of username and password, where the username is passed as a token to the next Place.A user can't connect if he does not know the password, but let's say I'm logged in like in the link above. If I change the Admin to Admin2 or whatever, I still can see the page content. I don't want this. How can I avoid this ?Thanks in advance
You received this message because you are subscribed to the Google Groups "GWT Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-web-toolkit+unsubscribe@googlegroups.com.
To post to this group, send email to google-web-toolkit@googlegroups.com.
Visit this group at https://groups.google.com/group/google-web-toolkit.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment