Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: respect session created_at on secure password update #1164

Merged
merged 2 commits into from
Jul 4, 2023
Merged

fix: respect session created_at on secure password update #1164

merged 2 commits into from
Jul 4, 2023

Conversation

kangmingtay
Copy link
Member

What kind of change does this PR introduce?

  • Updating a user's password should only require reauthentication if the current session is not recent (created more than 24hrs ago)

@kangmingtay kangmingtay requested a review from a team as a code owner July 3, 2023 17:17
@kangmingtay kangmingtay force-pushed the km/fix-reauthenticate-password-recovery branch from f6d0cd0 to ff3e27d Compare July 3, 2023 17:25
@kangmingtay kangmingtay merged commit 963df37 into master Jul 4, 2023
@kangmingtay kangmingtay deleted the km/fix-reauthenticate-password-recovery branch July 4, 2023 08:37
@github-actions
Copy link
Contributor

github-actions bot commented Jul 4, 2023

🎉 This PR is included in version 2.79.2 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

@kangmingtay kangmingtay changed the title fix: respect last_sign_in_at on secure password update fix: respect session created_at on secure password update Jul 11, 2023
uxodb pushed a commit to uxodb/auth that referenced this pull request Nov 13, 2024
@kangmingtay
fix: respect last_sign_in_at on secure password update (supabase#1164)
d134d9e 
## What kind of change does this PR introduce?
* Updating a user's password should only require reauthentication if the
current session is not recent (created more than 24hrs ago)
LashaJini pushed a commit to LashaJini/auth that referenced this pull request Nov 13, 2024
@kangmingtay @LashaJini
fix: respect last_sign_in_at on secure password update (supabase#1164)
99c15a9 
## What kind of change does this PR introduce?
* Updating a user's password should only require reauthentication if the
current session is not recent (created more than 24hrs ago)
LashaJini pushed a commit to LashaJini/auth that referenced this pull request Nov 15, 2024
@kangmingtay @LashaJini
fix: respect last_sign_in_at on secure password update (supabase#1164)
7e1b6b5 
## What kind of change does this PR introduce?
* Updating a user's password should only require reauthentication if the
current session is not recent (created more than 24hrs ago)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@J0 J0 J0 approved these changes

@hf hf hf approved these changes

Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kangmingtay @hf @J0