SSPR vs Account

I recently realized I did a confusing thing. I have two similar but different services, two separate instances of the same app, that are close enough in function for the distinction to be confusing, and I wanted to write something on why I did it like this. This service is based on an open-source tool, and because of the functions I want to make available to Matt-Cloud users, I need to build two different versions of the same tool. To put this another way, I am too lazy to write my own SSPR so I need to use the tools that others have so graciously made available to me for free.

SSPR means Self-Service Password Reset. The point of this site is so Matt-Cloud users can handle forgotten password resets. The service allows users to set up a two-factor code and to confirm an email address so that when they forget their Matt-Cloud password they can reset it using a variety of methods.

The Account site is for Matt-Cloud users to update account email address or password when already logged in. It uses the SSO to start users logged in, and will only re-authenticate when requesting a secure change.

The tl;dr is that it makes it easier on me to implement the functions I wanted. The longer explanation is what those functions are.

Since one is already logged in with Authelia, I wanted there to be a password site that would work with the SSO. I also wanted to be able to allow y'all to deal with forgotten passwords on your own because I know I love me a good self-checkout as much as the next introvert. Problem is, the password reset feature couldn't be behind Authelia, because Authelia needs a login, see? So, I made two separate instances of the password manager app with very different configurations. The SSPR site needed to be accessible outside the SSO, and the Account site needed to only work with the SSO, which I will call the Eyeballs Venn-Diagram for functionality. The account site also has the join site in it, which doesn't make sense to have on a site that can't be reached without a login. Now, PWM does offer a lot of granularity, and if it wasn't for the SSO requirement I could get away with a single instance, but alas. Both apps interface with Active Directory for all user account info, so they're modifying the same auth servers.
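
The split described above, sketched as an Authelia `access_control` fragment. This is an added example, not the configuration Matt-Cloud actually runs: the two hostnames are placeholders, and `one_factor` for the Account site is an assumption (it could equally be `two_factor`).

```yaml
# Authelia configuration.yml fragment (added example; hostnames are placeholders)
access_control:
  # Anything not matched by a rule below is refused.
  default_policy: deny
  rules:
    # SSPR instance: someone who forgot their password cannot log in to
    # Authelia, so this host has to skip the SSO check entirely.
    # With bypass, the only controls in front of Active Directory are the
    # ones the app itself enforces (two-factor code, confirmed email).
    - domain: sspr.example.com
      policy: bypass

    # Account instance: reachable only with an existing Authelia session.
    # The app re-authenticates the user itself before a secure change.
    # Assumption: one_factor; use two_factor if the SSO requires it.
    - domain: account.example.com
      policy: one_factor
```

Authelia applies the first rule that matches a request, so the SSPR host should be the only one carrying a `bypass` rule.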