Include Users IP Address When Sending Discord Notification for Forgot Password Usage #7

New issue

Closed

opened 2024-01-14 14:16:24 -06:00 by jimmyb · 1 comment

jimmyb commented 2024-01-14 14:16:24 -06:00

Owner

Copy link

When Discord sends a notification when someone submits the forgot password form, we should also include the IP from which the form was submitted from.

When Discord sends a notification when someone submits the forgot password form, we should also include the IP from which the form was submitted from.

jimmyb added the

component: security

type: improvement

component: backend

component: internal notifications

labels 2024-01-14 14:16:24 -06:00

jimmyb added this to the Laravel 13 + TailwindCSS project 2024-08-14 11:18:32 -05:00

Codex commented 2026-06-01 22:49:54 -05:00

Member

Copy link

Closing this out as intentionally not planned. After reviewing the current forgot-password flow, this does not look worth implementing as-is: reset links are already protected by the account-based 24-hour broker throttle, unknown usernames keep the same generic response, and adding only the requester IP to Discord would be noisy without giving us much actionable security signal. If we revisit this later, I would rather frame it as structured audit/security events for forgot-password attempts, with enough context to be useful, instead of a Discord-only IP field.

Closing this out as intentionally not planned. After reviewing the current forgot-password flow, this does not look worth implementing as-is: reset links are already protected by the account-based 24-hour broker throttle, unknown usernames keep the same generic response, and adding only the requester IP to Discord would be noisy without giving us much actionable security signal. If we revisit this later, I would rather frame it as structured audit/security events for forgot-password attempts, with enough context to be useful, instead of a Discord-only IP field.

Codex closed this issue 2026-06-01 22:49:54 -05:00

jimmyb removed this from the Laravel 13 + TailwindCSS project 2026-06-01 22:50:11 -05:00

jimmyb added the

status

wontfix

label 2026-06-01 22:50:23 -05:00

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

dev

No results found.

Labels

Clear labels   

automated

  

code-quality

  

component: admin dashboard

The issue is related to the admin dashboard functionality.

  

component: backend

The issue is related to the backend code.

  

component: billing

The issue is related to our billing and payment system functionality.

  

component: content management

The issue is related to site content and moderation functionality.

  

component: faqs

The issue relates to our frequency asked questions and their categories.

  

component: game genres

The issue is related to genres in relation to games.

  

component: game lists

The issue is related to user-facing game list functionality.

  

component: game reviews

The issue relates to the game reviews functionality.

  

component: game search

The issue is related to the user-facing game search functionality.

  

component: games

The issue relates to games in our database.

  

component: internal notifications

The issue is related to the functionality of notifications sent for internal usage.

  

component: platforms

The issue is related to platform functionality.

  

component: security

The issue relates to the security issues within the app.

  

component: tests

The issue relates to unit and feature tests.

  

component: user api

The issue relates to the user-facing API.

  

component: user badges

The issue is related to our badge/achievements functionality.

  

component: user blogs

The issue is related to blogging functionality.

  

component: user consoles

The issue is related to user console lists functionality.

  

component: user favorites

This is issue is related to the favorites functionality.

  

component: user friends

The issue relates to the friending functionality.

  

component: user notifications

The issue is related to user-facing notifications functionality.

  

component: user profiles

The issue is related to user profile functionality.

  

component: user site notifications

The issue relates to the functionality of notifications shown to users directly on the website.

  

component: user wishlists

This issue is related to the wishlists functionality.

  

component: web design

This issue is related to the design of the website.

  

dependencies

Pull requests that update a dependency file.

  

php

Pull requests that update PHP code.

  

priority

high

The issue is considered a high priority.

  

priority

low

This issue is considered a low priority.

  

priority

medium

This issue is considered a medium priority.

  

security-hotspot

  

source: codex

  

source: sonarqube

  

status

awaiting feedback

The issue is awaiting feedback from others.

  

status

backlog

Issues that are in a backlog status.

  

status

done

The issue has been completed and closed out.

  

status

in progress

The issue is in progress and being actively worked on.

  

status

in queue

The issue is in queue and will be worked on shortly.

  

status

in review

The issue work has been completed and now the work needs to be reviewed.

  

status

needs codex review

Use this tag to have Codex spiffy up your issue.

  

status

needs investigation

The issue describes a problem which needs further investigation.

  

status

wontfix

This issue will not be worked on.

  

type: bug

The issue describes something working the way it wasn't intended too.

  

type: documentation

Improvements or additions to site documentation.

  

type: feature

A new feature for the website.

  

type: improvement

An improvement on an existing feature.

  

type: regression

The issue describes a function that previously worked and no longer does.

  

type: task

A small-ish task.

No labels

automated

code-quality

component: admin dashboard

component: backend

component: billing

component: content management

component: faqs

component: game genres

component: game lists

component: game reviews

component: game search

component: games

component: internal notifications

component: platforms

component: security

component: tests

component: user api

component: user badges

component: user blogs

component: user consoles

component: user favorites

component: user friends

component: user notifications

component: user profiles

component: user site notifications

component: user wishlists

component: web design

dependencies

php

priority

high

priority

low

priority

medium

security-hotspot

source: codex

source: sonarqube

status

awaiting feedback

status

backlog

status

done

status

in progress

status

in queue

status

in review

status

needs codex review

status

needs investigation

status

wontfix

type: bug

type: documentation

type: feature

type: improvement

type: regression

type: task

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

2 participants

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

MyVideoGameList/myvideogamelist.com#7

No description provided.