What steps will reproduce the problem?
1. Try to change the password with:
Vosao.jsonrpc.registerFrontService.changePassword($user.id, "{oldPassword}", "{newPassword}")
2.
3.
What is the expected output? What do you see instead?
The expected output is that the password successfully was changed.
Instead the response is with result = "success", and message = "Incorrect
password". And the old password still works.
Workaround:
Replace the line 140 in the file RegisterFrontServiceImpl.java with:
//if (user.getPassword().equals(BCrypt.hashpw(oldPassword, BCrypt.gensalt()))) {
if (BCrypt.checkpw(oldPassword, user.getPassword())) {
...
Original issue reported on code.google.com by alexande...@gmail.com on 30 Aug 2013 at 1:46
Original issue reported on code.google.com by
alexande...@gmail.com
on 30 Aug 2013 at 1:46