Alternate email address for password reset or other notifications

[doftnet]

This is a feature that would be useful for some setups where the Nextcloud user is provided by an authentication backend that is an email account: Having an alternate email address for password reset purposes. For example, I'm using the user_backend_raw_sql app which does user authentication against an email server database. The password reset link sends the reset email and the link in the email works to allow the user to reset their password, if the user has forgotten their password, they probably can't get to their email either.

Having an alternate email address available to sent password reset message to will allow such users to receive the reset message in the event that they forget the password for the email address associated with their cloud account.

In the meantime, I will have to write up an external "reset my password" page for my email based cloud users and I'll have to make use of the 'lost_password_link' config option. Since the all other aspects of the built in password reset system work as intended, it would be convenient from the user's standpoint to use the same reset link as the internal nextcloud users. At the very least, having the ability to add more than one email address for notifications would be handy even if it wasn't exclusively for password resets. Having this capability as an app would be ideal, but I'm not familiar enough with the inner-workings to write an app to handle this within Nextcloud myself, so I'm throwing this out there in case anyone feels like running with it.

Steps to reproduce

1. Forget password
2. Click the "Forgot Password?" link on the Nextcloud login page
3. Provide Nextcloud login (email address, in this case)
4. Be unable to access the reset link via email because it requires the same password.

Desired behaviour

Password reset link get set to an alternate address in addition to the primary email address.
In personal settings, an additional field for one or more alternate email addresses would be available.

Actual behaviour

No such capability exists in the core server or available apps.

[nextcloud-bot]

GitMate.io thinks possibly related issues are #5047 (Can't password protect shares because password email is sent from account email address), #4345 (Improve lost password email), #5658 (share by email - password email not sent - solved), #3052 (LDAP: user gets Notification to add email address to change password, although email exists, is read-only and password change is not possible), and #5481 (Wish: create users with an email address rather than an initial password).

[szaimen]

I think this will be addressed in #26866