search

YunoHost-Apps / friendica_ynh

Friendica package for YunoHost
http://friendi.ca/
Other
11 stars 13 forks source link

Impossible to reset user password #21

Closed autra closed 4 years ago

autra commented 4 years ago

The app fails when I try to reset my password.

steps

Use the "reset password" link, and click on the link received by mail.

After a while, the page stops loading (still blank) and I have these logs with yunohost service log php7.0-fpm:

- [16-Dec-2019 21:03:24] WARNING: [pool friendica] child 6153, script '/var/www/friendica//index.php' (request: "GET /index.php?pagename=/lostpass/grartaubaixe1731") executing too slow (5.349857 sec), logging
  - [16-Dec-2019 21:03:24] NOTICE: child 6153 stopped for tracing
  - [16-Dec-2019 21:03:24] NOTICE: about to trace 6153
  - [16-Dec-2019 21:03:24] NOTICE: finished trace of 6153
  - [16-Dec-2019 21:03:25] WARNING: [pool friendica] child 6153 said into stderr: "NOTICE: PHP message: PHP Fatal error:  Uncaught ParagonIE\Certainty\Exception\BundleException: No valid bundles were found in the data directory. in /var/www/friendica/vendor/paragonie/certainty/src/Fetch.php:85"
  - [16-Dec-2019 21:03:25] WARNING: [pool friendica] child 6153 said into stderr: "Stack trace:"
  - [16-Dec-2019 21:03:25] WARNING: [pool friendica] child 6153 said into stderr: "#0 /var/www/friendica/vendor/divineomega/password_exposed/src/PasswordExposedChecker.php(72): ParagonIE\Certainty\Fetch->getLatestBundle()"
  - [16-Dec-2019 21:03:25] WARNING: [pool friendica] child 6153 said into stderr: "#1 /var/www/friendica/vendor/divineomega/password_exposed/src/PasswordExposedChecker.php(45): DivineOmega\PasswordExposed\PasswordExposedChecker->getBundleFromCertainty()"
  - [16-Dec-2019 21:03:25] WARNING: [pool friendica] child 6153 said into stderr: "#2 /var/www/friendica/src/Model/User.php(299): DivineOmega\PasswordExposed\PasswordExposedChecker->__construct(Object(GuzzleHttp\Client), Object(DivineOmega\DOFileCachePSR6\CacheItemPool))"
  - [16-Dec-2019 21:03:25] WARNING: [pool friendica] child 6153 said into stderr: "#3 /var/www/friendica/src/Model/User.php(347): Friendica\Model\User::isPasswordExposed('Glalfeat8751')"
  - [16-Dec-2019 21:03:25] WARNING: [pool friendica] child 6153 said into stderr: "#4 /var/www/friendica/mod/lostpass.php(133): Friendica\Model\User::updatePassword(2, 'Glalfeat8751')"
  - [16-Dec-2019 21:03:25] WARNING: [pool friendica] child 6153 said into stderr: "#5 /var/www/friendica/mod/lostpass.php(108): lostpass_generate_password(Array)"
  - [16-Dec-2019 21:03:25] WARNING: [pool friendica] child 6153 said into stderr: "#6 /var/www/f..."

Please let me know if I can provide more info.

tobiasd commented 4 years ago

To bypass the problem you can disable the check if the new password was included of an exposed password collection by setting disable_password_exposed in your configuration file to true. At the moment this setting is not available in the admin panel.

See friendica/friendica#7796 for a more detailed discussion. This problem should be fixed in Friendica 2019.12

anmol26s commented 4 years ago

@tobiasd Is the issue resolved in the 2020.03 ?

tobiasd commented 4 years ago

It should be ;) I've not tested it TBH

anmol26s commented 4 years ago

@anmol26s Thanks