Visiting of reset password link not possible

GravityProject / gravity

Open source social network built with Meteor

MIT License

131 stars 62 forks source link

Visiting of reset password link not possible #37

Closed pmuens closed 8 years ago

pmuens commented 9 years ago

Route is forbidden to visit.

michaltakac commented 9 years ago

This is not a bug actually, reset password route will be only visible for people who click on reset password link which will be sent to user's email after requesting that reset. First we need to implement the mailer functionality (I added hints and documented the process of such implementation to my 2nd pull request you merged).

Logged-in users can change their passwords here http://joingravity.com/change-password, so adding link to /change-password route somewhere into user profile settings would be good thing.

pmuens commented 9 years ago

Yes, I've implemented the mailer functionality and have requested a new password. After clicking on the link in the E-Mail I was redirected to the route where I could change my password but I was redirected to the sign in page with the hint that I should sign in first.

I'll look into it ASAP.

diegonc commented 8 years ago

I think you need to call AccountsTemplate.configureRoute in the server too. Here's the code which makes me beleive that:

  if (Meteor.isServer) {
    // Configures "reset password" email link
    if (route === "resetPwd") {
      var resetPwdPath = options.path.substr(1);
      Accounts.urls.resetPassword = function(token) {
        return Meteor.absoluteUrl(resetPwdPath + "/" + token);
      };
    }

and if I add console.log("*****", Accounts.urls.resetPassword("the-token")); to server's startup I can see the URL with a hash:

I20160428-19:29:12.671(-3)? ***** http://localhost:3000/#/reset-password/the-token

But I'm not sure where would be the right place and whether other configuration calls are also required.

I guess I'll try moving client/lib/accounts/config.js to lib/accounts/ and report back :)

diegonc commented 8 years ago

I guess I'll try moving client/lib/accounts/config.js to lib/accounts/ and report back :)

It worked. And everything else looks to be fine. Although I'm running a modified version of Gravity, I believe it should work on the pristine version too, I haven't changed much regarding the way accounts are handled.

pmuens commented 8 years ago

@diegonc Great. Could you submit a PR? Then I'll merge it ASAP.

diegonc commented 8 years ago

Done :-)

pmuens commented 8 years ago

Great! Thank you!