[isf-wifidog] Another authentication method?

Don Druce dondruce at sympatico.ca
Dim 13 Avr 18:35:34 EDT 2008

Hi Benoit

An associated question.  Do you think that the big long string in the 
authentication link sent to the users email address is what is causing 
HotMail to send the file to the user's SPAM folder ?   If a way could be 
found to reduce the number of emails sent to SPAM I think that it would 
be a good idea.


Benoit Grégoire wrote:
> On 11 April 2008, Michael Way wrote:
>> Thanks for your tips/comments regarding my issue.
>> I guess I've given up on the idea of having a simpler token
>> since I don't have the time (unfortunately) to do the code modifications,
>> although Benoit makes it sound quite easy! :-)
>> Still, it would be useful to have potential users have their email
>> authentication link sent to their sponsors email address (which is on the
>> inside of our firewall). Unfortunately I discovered that you cannot use the
>> same email to sign up more than once. Is there a simple way to change this?
>> I would guess it's one or two lines of code somewhere?
> Not really, validation tokens are stored in the user table.  There is a unique 
> constraint on email (per network), as the email can be used for login.  To 
> allow the feature your want, you'd have to get this validation token to be 
> stored in another table, and change all references to it in the code.  Not 
> very difficult (and quite possibly a good idea), but definitely more than a 
> few lines of code, not to mention the database schema upgrade fragment.
>> Another more trivial question: Is there a way to set up account
>> expiration dates,
>> or a way to expunge an account (you're going to tell me to do it in
>> postgres I guess)?
>> I couldn't find a link in the admin web pages that said "delete account",
>> or "set account expiration". Maybe I'll need to repost this last
>> question...
> Note that accounts are not meant to be deleted, ever, as this would erase all 
> traces of the user's passage in bandwidth statistics, and make dynamic abuse 
> control essentially impossible in the future.
> Accounts are supposed to end their life by setting their status "LOCKED_OUT".  
> That could be done using an expiration date, but most uses that would have 
> are best served (and implemented more easily) with one time or persistent 
> tokens.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://listes.ilesansfil.org/pipermail/wifidog/attachments/20080413/b4d21e88/attachment.htm 

Plus d'informations sur la liste de diffusion WiFiDog