[PR #1128] [CLOSED] Allow server admins to reset internal user passwords #17485

New Issue

Closed

opened 2026-05-18 17:55:06 -05:00 by GiteaMirror · 0 comments

GiteaMirror commented 2026-05-18 17:55:06 -05:00

Owner

Copy Link

📋 Pull Request Information

Original PR: https://github.com/fosrl/pangolin/pull/1128
Author: @adrianeastles
Created: 7/25/2025
Status: ❌ Closed

Base: dev ← Head: feature/admin-reset-user-password

---

📝 Commits (4)

• d664eb2 - Add API endpoint POST /admin/user/{userId}/password for server admins
• 41054cd Fixed dark mode issue
• c588128 Aligned password reset time with current standards in other places.
• 87da1eb Added password reset functionality to API keys

📊 Changes

9 files changed (+497 additions, -0 deletions)

View changed files

📝 messages/en-US.json (+9 -0)
📝 server/auth/actions.ts (+1 -0)
📝 server/routers/external.ts (+5 -0)
📝 server/routers/integration.ts (+7 -0)
➕ server/routers/user/adminResetUserPassword.ts (+212 -0)
📝 server/routers/user/index.ts (+1 -0)
📝 src/app/admin/users/[userId]/general/page.tsx (+29 -0)
➕ src/components/AdminPasswordReset.tsx (+232 -0)
📝 src/components/PermissionsSelectBox.tsx (+1 -0)

📄 Description

Community Contribution License Agreement

By creating this pull request, I grant the project maintainers an unlimited,
perpetual license to use, modify, and redistribute these contributions under any terms they
choose, including both the AGPLv3 and the Fossorial Commercial license terms. I
represent that I have the right to grant this license for all contributed content.

Description

This introduces essential administrative capabilities for user account management. Server administrators can now reset passwords for internal users through a new password reset feature in the admin interface. The implementation includes a dedicated API endpoint for secure password reset operations, enhanced backend logic for password generation and validation, and updated frontend components in the admin user management table.

How to test?

1. Navigate to Admin Interface

   • Go to Admin → Users
   • Locate an internal user in the users table

2. Initiate Password Reset

   • Click on the user row to open user details
   • Click the "Reset Password" button
   • Confirm the action in the dialog that appears

3. Handle Password Reset

   • If SMTP is enabled: Check the user's email for the password reset link
   • If SMTP is disabled: The password reset link will be displayed on screen for you to copy
   • Use the provided link to access the password reset page
   • Enter a new password and confirm it

4. Verify Success

   • Confirm the password reset was successful
   • Test logging in with the new password
   • Verify the old password no longer works

Screenshots

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/fosrl/pangolin/pull/1128 **Author:** [@adrianeastles](https://github.com/adrianeastles) **Created:** 7/25/2025 **Status:** ❌ Closed **Base:** `dev` ← **Head:** `feature/admin-reset-user-password` --- ### 📝 Commits (4) - [`d664eb2`](https://github.com/fosrl/pangolin/commit/d664eb2a8d48075b6629eeeb67e6cea0bb2f21d3) - Add API endpoint POST /admin/user/{userId}/password for server admins - [`41054cd`](https://github.com/fosrl/pangolin/commit/41054cd46224f7b9a4b62e0e3d425f2b608fb99f) Fixed dark mode issue - [`c588128`](https://github.com/fosrl/pangolin/commit/c58812851118731306a2b1565d64a7c1c1b23b21) Aligned password reset time with current standards in other places. - [`87da1eb`](https://github.com/fosrl/pangolin/commit/87da1ebe15d711208be4b465de0f3c71525d0aee) Added password reset functionality to API keys ### 📊 Changes **9 files changed** (+497 additions, -0 deletions) <details> <summary>View changed files</summary> 📝 `messages/en-US.json` (+9 -0) 📝 `server/auth/actions.ts` (+1 -0) 📝 `server/routers/external.ts` (+5 -0) 📝 `server/routers/integration.ts` (+7 -0) ➕ `server/routers/user/adminResetUserPassword.ts` (+212 -0) 📝 `server/routers/user/index.ts` (+1 -0) 📝 `src/app/admin/users/[userId]/general/page.tsx` (+29 -0) ➕ `src/components/AdminPasswordReset.tsx` (+232 -0) 📝 `src/components/PermissionsSelectBox.tsx` (+1 -0) </details> ### 📄 Description ## Community Contribution License Agreement By creating this pull request, I grant the project maintainers an unlimited, perpetual license to use, modify, and redistribute these contributions under any terms they choose, including both the AGPLv3 and the Fossorial Commercial license terms. I represent that I have the right to grant this license for all contributed content. ## Description This introduces essential administrative capabilities for user account management. Server administrators can now reset passwords for internal users through a new password reset feature in the admin interface. The implementation includes a dedicated API endpoint for secure password reset operations, enhanced backend logic for password generation and validation, and updated frontend components in the admin user management table. ## How to test? 1. **Navigate to Admin Interface** - Go to **Admin** → **Users** - Locate an internal user in the users table 2. **Initiate Password Reset** - Click on the user row to open user details - Click the **"Reset Password"** button - Confirm the action in the dialog that appears 3. **Handle Password Reset** - **If SMTP is enabled**: Check the user's email for the password reset link - **If SMTP is disabled**: The password reset link will be displayed on screen for you to copy - Use the provided link to access the password reset page - Enter a new password and confirm it 4. **Verify Success** - Confirm the password reset was successful - Test logging in with the new password - Verify the old password no longer works ## Screenshots <img width="1340" height="721" alt="Screenshot 2025-07-25 at 8 54 05 pm" src="https://github.com/user-attachments/assets/3e7ec038-79ab-4b7c-baf5-616e12c16dc2" /> <img width="647" height="337" alt="Screenshot 2025-07-25 at 8 54 10 pm" src="https://github.com/user-attachments/assets/4160b08f-11c1-4e57-90b8-b68a3a3f78b3" /> <img width="627" height="328" alt="Screenshot 2025-07-25 at 8 54 15 pm" src="https://github.com/user-attachments/assets/dd987b2c-1f82-4e31-95f6-8a8b12540954" /> --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

GiteaMirror added the pull-request label 2026-05-18 17:55:06 -05:00

GiteaMirror closed this issue 2026-05-18 17:55:07 -05:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dependabot/npm_and_yarn/prod-patch-updates-94425a55d0

dependabot/npm_and_yarn/dev-minor-updates-4aaf4dbce4

dependabot/go_modules/install/minor-updates-a249525a56

fix-3104

dev

exit-node-reconnect

fix-logoUrl

button-to-rebuild-association

crowdin_dev

rdp-ssh

dependabot/npm_and_yarn/brace-expansion-5.0.6

copilot/fix-documentation-input-output-types

dependabot/github_actions/sigstore/cosign-installer-4.1.2

redis

resource-policies

dependabot/npm_and_yarn/next-15.5.18

dependabot/npm_and_yarn/fast-uri-3.1.2

s3

dependabot/npm_and_yarn/fast-xml-builder-1.2.0

dependabot/npm_and_yarn/axios-1.15.2

dependabot/npm_and_yarn/next-intl-4.9.2

dependabot/docker/node-26-alpine

dependabot/docker/docker/library/node-26-slim

dependabot/npm_and_yarn/multi-7bdfbe8666

dependabot/npm_and_yarn/multi-d2fd79378c

dependabot/npm_and_yarn/uuid-14.0.0

dependabot/npm_and_yarn/postcss-8.5.10

dependabot/github_actions/actions/setup-node-6.4.0

dependabot/npm_and_yarn/next-16.2.1

dependabot/npm_and_yarn/recharts-3.8.1

cross-org-idp

breakout-sites-tables

ssh

delete-account

msg-delivery

org-only-idp

cicd

patch

site-targets-auto-login

1.18.4

1.18.3

1.18.2

1.18.1

1.18.0

1.18.0-rc.0

1.17.1

1.17.0

1.17.0-rc.0

1.16.2

1.16.1

1.16.0

1.16.0-rc.0

1.15.4

1.15.3

1.15.2

1.15.1

1.15.0

1.15.0-rc.0

1.14.1

1.14.0

1.14.0-rc.0

1.13.1

1.13.0

1.13.0-rc.0

1.12.3

1.12.2

1.12.1

1.12.0

1.12.0-rc.0

1.11.1

1.11.0

1.10.3

1.10.2

1.10.1

1.10.0

1.9.4

1.9.3

1.9.2

1.9.1

1.9.0

1.8.0

1.7.3

1.7.2

1.7.1

1.7.0

1.6.2

1.6.1

1.6.0

1.5.1

1.5.0

1.4.0

1.3.2

1.3.1

1.3.0

1.2.0

1.1.0

1.0.1

1.0.0

1.0.0-beta.15

1.0.0-beta.14

1.0.0-beta.13

1.0.0-beta.12

1.0.0-beta.11

1.0.0-beta.10

1.0.0-beta.9

1.0.0-beta.8

1.0.0-beta.7

1.0.0-beta.6

1.0.0-beta.5

1.0.0-beta.4

1.0.0-beta.3

1.0.0-beta.2

1.0.0-beta.1

Labels

Clear labels

api

authentication

bug

config

dependencies

docker

documentation

enhancement

good first issue

help wanted

Improvement

Look Into

needs investigating

networking

new feature

non-critical bug

potential bug

pull-request

Mirrored from GitHub Pull Request

question

reverse proxy

Security

stale

ui

wontfix

No Label pull-request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/pangolin#17485