When WAGTAILUSERS_PASSWORD_ENABLED and ENABLE_PUBLIC_SIGNUP are enabled, it's impossible to set a password

[frankduncan]

Describe the bug

When WAGTAILUSERS_PASSWORD_ENABLED and ENABLE_PUBLIC_SIGNUP are set to true, the "Set Password" logic redirects to "user:acount" rather than "user:activate" making it so you can never actually set the password.

This is a vestige of the old registration/password system that was removed in favor of passwordless reigstration.

To Reproduce

Steps to reproduce the behavior:

1. Set WAGTAILUSERS_PASSWORD_ENABLED and ENABLE_PUBLIC_SIGNUP to true in your local.py
2. Create new account
3. Go to account page, click "Set Password"
4. Follow link in email
5. Arrive at account page

Expected behavior

Arrive at the password setting page.

Priority

• High

Affected roles

• New Users

Additional context

The "activation" flow may no longer be needed at all. Just have "Set Password" go to the update password page instead of doing the activation dance in email. The endpoint is the same.

However, there may be reasons to keep the current flow, so the incoming PR just fixes this specific bug.

[frjo]

@frankduncan Leave WAGTAILUSERS_PASSWORD_ENABLED at the default and direct users to add a password on their account page. That should work, if not we have a bug.

Hypha has for many years have WAGTAILUSERS_PASSWORD_ENABLED set to False to block staff from messing with users passwords.

[frankduncan]

Unfortunately, that's a requirement for the client. I just noticed while in here, that the whole activation workflow may be unneeded in general.