Account Management Patterns


On the weekend, I drew some diagrams describing the account management sub-system I had written for Quisition, partly to see the patterns abstracted from the particular implementation.

Here's the login pattern:

Elliotte Rusty Harold recently wrote about the problems with using GETs for confirmation.

I wanted account signup to involve sending an email, to ensure the user had given a legitimate email address; but, mindful of the issues Rusty raises, I made the link in the signup email lead to a further form that the user then has to submit to truly activate the account:

I originally had the "forgot password" form directly resetting the password, but then I realised someone could maliciously enter another user's email address to reset that user's password. Not so much a security issue (the new password goes to the right person) as a nuisance for that person if they didn't request the reset.

So I adopted an additional pattern where an email is sent which then takes the user to a reset password form:

In both cases, the URI in the email includes a hash in the parameters so the GET that leads to the form can't be faked.
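As an added example (not Quisition's code), here is one way to implement both emailed-link flows described above, activation and password reset, so that the GET from the email only renders a form and the state change happens on the POST. The "hash in the parameters" is modelled as an HMAC over a server-side secret, the action the link is for, the email address and the issue time; the secret, the lifetime, the in-memory account store and the `example.test` URLs are all constructed assumptions for this example.

```python
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Assumptions (constructed for this example): a server-side secret that never
# reaches the client, and a fixed lifetime for emailed links.
SECRET_KEY = b"constructed-demo-secret-change-me"
TOKEN_TTL = 24 * 3600


def make_hash(purpose: str, email: str, issued: int) -> str:
    """HMAC over purpose, address and issue time: the link is good for one
    action on one account and cannot be built without SECRET_KEY."""
    msg = f"{purpose}|{email}|{issued}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


def build_link(base_url: str, purpose: str, email: str, now: int) -> str:
    """The URI that goes into the email; 'h' is the hash in the parameters."""
    query = urlencode({"email": email, "t": now, "h": make_hash(purpose, email, now)})
    return f"{base_url}?{query}"


def params_from_link(link: str) -> dict:
    """Flatten the query string into the dict the handlers consume."""
    return {k: v[0] for k, v in parse_qs(urlparse(link).query).items()}


def check_params(purpose: str, params: dict, now: int) -> bool:
    """False for missing, expired, future-dated or tampered parameters."""
    try:
        email, issued, given = params["email"], int(params["t"]), params["h"]
    except (KeyError, ValueError, TypeError):
        return False
    if not isinstance(given, str) or not given.isascii():
        return False
    if issued > now or now - issued > TOKEN_TTL:
        return False
    # constant-time comparison of the recomputed hash with the one supplied
    return hmac.compare_digest(make_hash(purpose, email, issued), given)


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Accounts:
    """In-memory stand-in for the account table (constructed)."""

    def __init__(self):
        self.rows = {}  # email -> {"active": bool, "salt": bytes, "pw": bytes}

    def signup(self, email: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self.rows[email] = {"active": False, "salt": salt,
                            "pw": hash_password(password, salt)}

    def is_active(self, email: str) -> bool:
        return self.rows[email]["active"]

    def check_password(self, email: str, password: str) -> bool:
        row = self.rows[email]
        return hmac.compare_digest(row["pw"], hash_password(password, row["salt"]))

    # GET: the emailed link only renders a form; nothing about the account changes.
    def get_form(self, purpose: str, params: dict, now: int):
        if not check_params(purpose, params, now):
            return None  # bad or stale link: no form at all
        # the hash and its inputs ride along as hidden fields for the POST
        return {"action": purpose, "hidden": dict(params)}

    # POST: re-check the hash (a form submission can be forged too), then act.
    def post_activate(self, fields: dict, now: int) -> bool:
        if not check_params("activate", fields, now):
            return False
        row = self.rows.get(fields["email"])
        if row is None:
            return False
        row["active"] = True
        return True

    def post_reset(self, fields: dict, now: int) -> bool:
        new_password = fields.get("new_password")
        if not new_password or not check_params("reset", fields, now):
            return False
        row = self.rows.get(fields["email"])
        if row is None:
            return False
        row["salt"] = secrets.token_bytes(16)
        row["pw"] = hash_password(new_password, row["salt"])
        return True
```

Binding the purpose into the hash means an activation link cannot be replayed against the reset form, and re-running `check_params` on the POST means the hidden fields give an attacker nothing the GET did not already require.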

The original post had 2 comments I'm in the process of migrating over.