|
<< Click to Display Table of Contents >> Navigation: Telegram > 2023 > 11 > 09 > Telegram_2023-11-09T05 |
2023-11-09T05:39:41
Why do you need this behaviour?
2023-11-09T05:42:51
I was trying to ensure that a certain TContentForm was not accessible via a pre existing UserSession and the session was initialised based off of url query parameters but I’ve worked around this with a TContentBase that initialises the UserSession then redirects to a TContentForm endpoint upon successful intialisation. My concern was if the TContentForm endpoint was typed by a user into the browser that already had UserSession variables setup they would be able to use the form but I’ve added a check in the form creation for a certain flag only settable via the TContentBase, otherwise the user is redirected
2023-11-09T05:44:13
The content form is for a password reset and uses an accountID UserSession variable, hence why I don’t want a user who’s logged into their account to be able to go to type: bot_command /ResetPassword (TContentForm endpoint) and successfully reset their password. It’s only accessible via an email link.