codeforcroatia / imamopravoznati

Provide a Freedom of Information request system for your jurisdiction
http://alaveteli.org

Password reset stuck in a loop #74

Closed rodik closed 5 years ago

rodik commented 5 years ago

Actual behavior

After requesting a password reset, an email is received with a link. The link leads to the same password reset form, which triggers the same email, and so on. The user never gets to set the new password.

Steps to reproduce

Request a password reset.

Expected behavior

The email should contain a link with the new password form.

rodik commented 5 years ago

The email link redirects to _http://imamopravoznati.org/profile/change_password/new_

Removing the "new" part from the URL leads to the Set new password form.

schlos commented 5 years ago

Test Case

Precondition:

Use forgot password flow: http://imamopravoznati.org/profile/change_password/new?pretoken=SOME_LONG_TOKEN

1. Email content

Test2,

Please click on the link below to confirm your email address. Then you can change your password on Imamo pravo znati

http://imamopravoznati.org/c/SOME_LONG_TOKEN

We will not reveal your email address to anybody unless you or the law require it.

-- the Imamo pravo znati team

2. Reset password URL

http://imamopravoznati.org/profile/change_password?post_redirect=1

3. Password reset is successful

http://imamopravoznati.org/user/test2/profile

Test Result

I cannot reproduce this error.

@rodik, can you give some more data? What browser were you using?

rodik commented 5 years ago

Using Chrome Version 76.0.3809.132

Clicking the email link http://imamopravoznati.org/c/SOME_LONG_TOKEN redirects to http://imamopravoznati.org/profile/change_password/new, not http://imamopravoznati.org/profile/change_password?post_redirect=1 as stated in your response.

rodik commented 5 years ago

The problem is caused by the browser cache. Opening the email link in an incognito browser redirects to the correct URL.