Andreas Ellewsen
authored
If a sponsor verifies a nin that is already in use by an account in cerebrum, the guest will gain access to that account, which in turn allows the guest to change the password of that account. This makes it possible to abuse the guest service to steal the account of users. A feature that checks for this problem, and helps the sponsor make a decision on it, will be introduced in the near future. At that point nin verification can be enabled again. Resolves: GREG-202
| Name | Last commit | Last update |
|---|---|---|
| .. | ||
| api | ||
| authentication | ||
| migrations | ||
| templates | ||
| tests | ||
| __init__.py | ||
| admin.py | ||
| apps.py | ||
| mailutils.py | ||
| models.py | ||
| urls.py | ||
| utils.py | ||
| validation.py | ||