havenweb / haven

Self-hostable private blogging

Home Page: https://havenweb.org


Using email to reset password? And a styling QoL suggestion

TechnoMaverick opened this issue · comments

commented

Hello! I'm starting to use Haven finally (we had talked over email before!) and after a pause in using it, and having changed my password, I got locked out. I have no idea how to get the password back (sadly my password manager didn't catch that I changed it) and was wondering if a possible feature to have an email reset the password would be able to be included?

I also was wondering if it would be possible to make the CSS editing a bit easier. I know some CSS/HTML, but I couldn't find an easy guide on how to start editing it as far as CSS classes and such. I know I can inspect element in my browser, but it might be worthwhile to either make note of some tips on styling it, or something along those lines? Especially for people who might not be quite as knowledgeable. If there is a guide somewhere, I apologize! I'm bad at finding things sometimes.

Thank you for your time and I really like the project!

Email password reset would be a great feature! And most of the code to do it is built right into Rails, and the auth framework I use, so it would be really easy to build. Unfortunately, none of the emails would ever go through.

Someone's self-hosted Haven doesn't have any reputation with the major email providers so they would assume that Haven is just sending spam. Here's an article someone random on the internet wrote about it a couple years ago: https://hackaday.com/2022/09/07/the-era-of-distributed-independent-email-servers-is-over/

The alternative is to integrate with a mail-sending company like Amazon SES, or SendGrid, or Mailgun, etc. But that means in addition to setting up and running your Haven, now you also have to sign up for one of these paid services, and configure your Haven and DNS records with the right credentials, etc. It turns into something I can't reasonably expect people to do if I want hosting your own Haven to be as easy as possible.

I do have some notes written up on editing CSS! The text box for adding custom CSS has a title: "Custom CSS", that title is a link to a sort of getting-started guide for customizing your Haven. Here is a link to the code for that page on Github: https://github.com/havenweb/haven/blob/master/app/views/static/themes.html.erb

However, since you suggested I add some notes, that means you didn't find the notes. Do you have suggestions on how to make them more visible? Maybe instead of making the text a link, I add a question mark icon after the text which is a link? Other thoughts?

I'm glad you're enjoying Haven, and I really appreciate your suggestions!

I was so excited to tell you about how email is broken--I didn't offer any other options for resetting your password!

For other people using your Haven, they can ask you to reset their password. The "Users" page has a link for each person to reset their password, then you can send them the new password.

Your own password as the only Admin is trickier:

You'll need to use ssh or another means to get to a shell on the machine where your Haven is running. Then navigate to the directory where Haven is installed (probably /var/www/haven or ~/haven). Then type the command: bin/rails console to get to the rails console. From here you can update the database to set a new password:

me = User.find_by(email: "<your email here>")
me.reset_password("<new password>","<new password again>")

commented

Hey! Just mentioning I'm probably going to have someone help me reset it, since I've tried ssh with no luck, probably due to how Portainer installs things. It's not a big deal! Just an issue of me being pretty new to selfhosting.

A secondary suggestion, since email resets aren't feasible (and totally understandable why! Thank you for explaining) is potentially a reset option with a secret? Similar to the ones like "what's my first dog's name"? I don't know the difficulty in implementing something like that, but I thought I'd ask. My last suggestion would be something like extra, one time passwords when a user/admin is created, a small amount that could be used to reset. Sorry for all the suggestions! It's just something I thought about while I've been locked out.

I don't remember the exact thoughts I had on the CSS section when I saw it, but as soon as I get back into it, I'll let you know!

Thanks for your patience and time!
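
The one-time reset codes suggested in the comment above, sketched in Ruby as an added example (not Haven's code and not written by either commenter); the `RecoveryCodes` class and its method names are hypothetical. It assumes 80-bit random codes, so storing only a SHA-256 digest is sufficient, and it keeps the digests in memory where a Rails app would use a database table.

```ruby
require "securerandom"
require "digest"

# Hypothetical helper, not part of Haven: single-use recovery codes.
class RecoveryCodes
  MAX_FAILURES = 5 # stop accepting guesses after this many misses

  attr_reader :digests, :failures

  # Returns [store, plaintext_codes]. The plaintext codes are shown to the
  # user once at account creation; only their digests are kept.
  def self.issue(count = 8)
    codes = Array.new(count) { SecureRandom.hex(10).scan(/.{5}/).join("-") }
    [new(codes.map { |c| digest(c) }), codes]
  end

  # Normalise what the user typed (case, dashes, spaces) before hashing.
  def self.digest(code)
    Digest::SHA256.hexdigest(code.downcase.delete("^0-9a-f"))
  end

  def initialize(digests)
    @digests = digests
    @failures = 0
  end

  # True exactly once per issued code; a redeemed code is deleted.
  def redeem(code)
    return false if @failures >= MAX_FAILURES
    candidate = self.class.digest(code.to_s)
    match = @digests.find { |d| secure_equal?(d, candidate) }
    if match
      @digests.delete(match)
      @failures = 0
      true
    else
      @failures += 1
      false
    end
  end

  private

  # Constant-time comparison of two equal-length digest strings.
  def secure_equal?(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end
```

A successful `redeem` would be the point at which the application lets the user set a new password.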

commented

I actually got very lucky and didn't have to reset it, after guessing passwords that I thought might be it again.

I do see the "custom css" notes now! I do think it would be better if you possibly put it under its own heading? Like "blog settings" has its own heading. Doesn't have to be quite as big! Then as far as the links for notes, it would possibly be better to include the "?" icon next to the link, so it makes it a bit more visible. Hovering on the "?" could also provide a little explanation on it being notes on how you custom style the blog.

Just some suggestions! I'm familiar enough with CSS and HTML to kind of know these things, but in the interest of helping other people who might not know.

Thank you for reading the suggestions and I hope your day is lovely!