Y
Hacker News
new
|
ask
|
show
|
jobs
by
dennisgorelik
3666 days ago
You should allow to reset password to the users without authentication (and therefore without authorization).
That's the nature of password reset link.
1 comments
sopooneo
3665 days ago
Oh of course. Good point.
link