The Settings page requires the email and password fields regardless of whether their changed #630
Comments
rschristian
changed the title
|
It's pretty common to ask for authentication information when you are about to change sensitive information about the account. As such changes are rare, it doesn't introduce much inconvenience for users. There si no plan to make a related change to the API. |
|
Sure, that is pretty common, however, that is not what this is. If you provide invalid credentials on that form your changes to the account aren't rejected. Instead, the credentials for the account change entirely. There is no confirmation of credentials built into the back end for that feature. |
|
If that is supposed to be a way in which the user needs to provide their credentials to change their bio, image, or username, and only those, there will probably also need to be a way to change their email and passwords. |
|
I agree. We can't affect all existing implementations with such changes but the goal is to work as soon as possible on new specs based on all suggestions provided to make them more 'real' |
Currently the "Email" and "New Password" fields are required by the API when they should not be. The user is unable to update say their username without also providing their email and password. This means users are essentially overwriting both their email and password every time they go to change any field on their profile.
The text was updated successfully, but these errors were encountered: