Allow site key reset by sending a link to maintainer email.Β #19
Description
Clients use a randomly generated persistent key to authenticate with the service. If this key is lost, the service will not accept results with a new key for a certain period (10 days). In many cases, it would be nice if this period can be securely reduced.
One possibility is by providing a key reset option that allows a maintainer to input their email address. This email address would then be checked against the stored maintainer email address and an email with a reset link with a random token be sent to it. If the link is clicked within some reasonable amount of time, the site key should be reset allowing new test results to be uploaded immediately for the site in question.