Closed ariouche closed 1 year ago
Yup, this is Joomla being stupid. When you have "Force password reset" enabled for a user ANY request (regardless of whether it's for an HTML page or not...) will be redirected to the profile edit page. As a result the callback URLs for the link/unlink buttons do not work.
You will see that if you are using Joomla's built-in Multi-factor Authentication and W3C Web Authentication plugins, these controls also don't work for the same reason.
This is a long-standing Joomla bug which was the result of two things. One, Joomla ripping off my captive login code from Akeeba DataCompliance without understanding how it works. Two, Joomla IDIOTICALLY showing the full profile edit page to the user instead of a purpose-built view where the user can only change their password -- really, the only thing they are allowed to do in this case!
I have explained it to the Joomla maintainers back in 2019. They were trying to gaslight me as if they could ever convince me that I do not understand how my captive login code works (code which I invented myself in 2016, after being told BY THE VERY SAME PEOPLE that it's not possible in Joomla, mind you!) I gave up trying to help them fix a very obvious problem.
BTW, I will be reporting this as a usability issue in Joomla, again. I don't expect to see it fixed but at least they will get another reminder that crap's still broken 4 years later...
Hi, when I set
Force to reset Password
toyes
into Joomla User settings, the user is redirected to the profil edit Joomla page. Then there thelinkbuttons
(Google and Microsoft) that allow to link a J! user with social networks appears. When I click on that buttons and succesfully pass the log in step on the network, when I come back to Joomla, Joomla hasn't achieve the linking logic and I still have the buttons with the label "Link to Microsoft".Do you have any idea?
Regards