Closed BenItt closed 2 years ago
Hi @BenItt. Thank you for your report. To speed up processing of this issue, make sure that you provided the following information:
Make sure that the issue is reproducible on the vanilla Magento instance following Steps to reproduce. To deploy vanilla Magento instance on our environment, Add a comment to the issue:
@magento give me 2.4-develop instance
- upcoming 2.4.x release
For more details, review the Magento Contributor Assistant documentation.
Add a comment to assign the issue: @magento I am working on this
To learn more about issue processing workflow, refer to the Code Contributions.
Join Magento Community Engineering Slack and ask your questions in #github channel.
:warning: According to the Magento Contribution requirements, all issues must go through the Community Contributions Triage process. Community Contributions Triage is a public meeting.
:clock10: You can find the schedule on the Magento Community Calendar page.
:telephone_receiver: The triage of issues happens in the queue order. If you want to speed up the delivery of your contribution, join the Community Contributions Triage session to discuss the appropriate ticket.
:pencil2: Feel free to post questions/proposals/feedback related to the Community Contributions Triage process to the corresponding Slack Channel
@magento give me 2.4-develop instance
Hi @manavluhar. Thank you for your request. I'm working on Magento instance for you.
Hi @manavluhar, here is your Magento Instance: https://3bc3de3faa14ff4ca128a18b48a982af.instances.magento-community.engineering Admin access: https://3bc3de3faa14ff4ca128a18b48a982af.instances.magento-community.engineering/admin_dab5 Login: 1d732805 Password: 9084768d41f7
Dear @manavluhar,
thank you for the same.
Using same template code as from your Magento instance leads to same error on our instance :/
Very strange. Magento 2.4.4 update from 2.3.5 was fresh update.
Possibly extensions cause this problem?!
Do you have same CreatePassword.php as the one here?
`<?php /**
namespace Magento\Customer\Controller\Account;
use Magento\Customer\Api\AccountManagementInterface; use Magento\Customer\Model\ForgotPasswordToken\ConfirmCustomerByToken; use Magento\Customer\Model\ForgotPasswordToken\GetCustomerByToken; use Magento\Customer\Model\Session; use Magento\Framework\App\Action\Context; use Magento\Framework\App\Action\HttpGetActionInterface; use Magento\Framework\App\ObjectManager; use Magento\Framework\Controller\Result\Redirect; use Magento\Framework\View\Result\Page; use Magento\Framework\View\Result\PageFactory; use Magento\Customer\Api\CustomerRepositoryInterface;
/**
Controller for front-end customer password reset form */ class CreatePassword extends \Magento\Customer\Controller\AbstractAccount implements HttpGetActionInterface { /**
/**
/**
/**
/**
/**
/**
@param CustomerRepositoryInterface|null $customerRepository */ public function __construct( Context $context, Session $customerSession, PageFactory $resultPageFactory, AccountManagementInterface $accountManagement, ConfirmCustomerByToken $confirmByToken = null, GetCustomerByToken $getByToken = null, CustomerRepositoryInterface $customerRepository = null ) { $this->session = $customerSession; $this->resultPageFactory = $resultPageFactory; $this->accountManagement = $accountManagement; $this->confirmByToken = $confirmByToken ?? ObjectManager::getInstance()->get(ConfirmCustomerByToken::class); $this->getByToken = $getByToken ?? ObjectManager::getInstance()->get(GetCustomerByToken::class); $this->customerRepository = $customerRepository ?? ObjectManager::getInstance()->get(CustomerRepositoryInterface::class);
parent::__construct($context); }
/**
@return Redirect|Page */ public function execute() { $resetPasswordToken = (string)$this->getRequest()->getParam('token'); $customerId = (int)$this->getRequest()->getParam('id'); $isDirectLink = $resetPasswordToken != ''; if (!$isDirectLink) { $resetPasswordToken = (string)$this->session->getRpToken(); $customerId = (int)$this->session->getRpCustomerId(); }
try { $this->accountManagement->validateResetPasswordLinkToken($customerId, $resetPasswordToken); $this->confirmByToken->resetCustomerConfirmation($customerId);
// Extend token validity to avoid expiration while this form is
// being completed by the user.
$customer = $this->customerRepository->getById($customerId);
$this->accountManagement->changeResetPasswordLinkToken($customer, $resetPasswordToken);
if ($isDirectLink) {
$this->session->setRpToken($resetPasswordToken);
$this->session->setRpCustomerId($customerId);
$resultRedirect = $this->resultRedirectFactory->create();
$resultRedirect->setPath('*/*/createpassword');
return $resultRedirect;
} else {
/** @var Page $resultPage */
$resultPage = $this->resultPageFactory->create();
$resultPage->getLayout()
->getBlock('resetPassword')
->setResetPasswordLinkToken($resetPasswordToken)
->setRpCustomerId($customerId);
return $resultPage;
}
} catch (\Exception $exception) { $this->messageManager->addErrorMessage(__('Your password reset link has expired.')); /* @var Redirect $resultRedirect / $resultRedirect = $this->resultRedirectFactory->create(); $resultRedirect->setPath('//forgotpassword');
return $resultRedirect;
} } } `
Wondering were the bug comes from. Any possibility to reach out to you directly?
Yours
Could you check to send Password reset link to any given Gmail address? It seems that link is removed then and arrives as LINK
Also our finding:
When loading templates for forgot e-mail after update to Magento 2.4.4 varibale differs from vendor e-mail variable:
Your instance as well as ours:
<a href="{{var this.getUrl($store,'customer/account/createPassword/',[_query:[id:$customer.id,token:$customer.rp_token],_nosid:1])}}" target="_blank">{{trans "Set a New Password"}}</a>
When I get the variable from /vendor/magento/module-customer/view/frontend/email --> PasswordReset.html it differs:
<a href="{{var this.getUrl($store,'customer/account/createPassword',[_query:[id:$customer.id,token:$customer.rp_token],_nosid:1])}}" target="_blank">{{trans "Set a New Password"}}</a>
So old instance adds a "/" behind password which then hinders to function properly.
Does the following screenshot help? It's a report I send to Hyvä frontend themes in order to have them fix something very similar.
Maybe also double check if your custom theme didn't overwrite the resetforgottenpassword.phtml
because in that case you might be missing something there that was added in 2.4.4
Dear @hostep,
this looks like it could be a solution. Indeed the green marked parts are missing in our vendor/magento/module-customer/view/frontend/templates/form/resetforgottenpassword.phtml
We check to change and inform about progress.
THE FILE WHERE IT WAS MISSING WAS OUR MAGENTO 2.3.5-p1
Alrighty, it's most likely going to be this that fixes your issue.
Next time when you work on a Magento upgrade, consider using this tool: https://github.com/AmpersandHQ/ampersand-magento2-upgrade-patch-helper, it helped us discover this problem (and many others in the past) 🙂
Dear @hostep,
roll back. I have checked and our Core looks exactly like the screenshot you had posted.
Possibly still our Theme overwrites this function. Checking this now going back to Luma. Thank you for the Ampersand Patch Helper. Will consider this.
Hi @engcom-Delta. Thank you for working on this issue. In order to make sure that issue has enough information and ready for development, please read and check the following instruction: :point_down:
[ ] 1. Verify that issue has all the required information. (Preconditions, Steps to reproduce, Expected result, Actual result).Details
If the issue has a valid description, the label Issue: Format is valid
will be added to the issue automatically. Please, edit issue description if needed, until label Issue: Format is valid
appears.
[ ] 2. Verify that issue has a meaningful description and provides enough information to reproduce the issue. If the report is valid, add Issue: Clear Description
label to the issue by yourself.
[ ] 3. Add Component: XXXXX
label(s) to the ticket, indicating the components it may be related to.
[ ] 4. Verify that the issue is reproducible on 2.4-develop
branchDetails
- Add the comment @magento give me 2.4-develop instance
to deploy test instance on Magento infrastructure.
- If the issue is reproducible on 2.4-develop
branch, please, add the label Reproduced on 2.4.x
.
- If the issue is not reproducible, add your comment that issue is not reproducible and close the issue and stop verification process here!
[ ] 5. Add label Issue: Confirmed
once verification is complete.
[ ] 6. Make sure that automatic system confirms that report has been added to the backlog.
Dear @hostep,
in Luma Theme same issue. Very weird.
Yours
Ah okay, then it must be a different problem than the one I ran into apparently.
Dear @hostep,
good news. We found the culprit. Error was caused by an extension by "IT Recht Kanzlei" from Cyberday which we are using for our legal texts. Deactivating this extension and the error is gone. Finally found this out after looking into so many options in the code.
Hi @BenItt , Thank you for raising an issue and we tried to reproduce the issue on Magento 2.4.4 instance. Link has been expired after 2 hours as we set the configuration Stores --> Configurations --> Settings --> Customers --> Customer Configuration, This is expected functionality and within the 2 hours if we access the link and try to reset the password, we are able to reset the password successfully. Hence , request to help me out to reproduce the issue with clear steps.
Steps followed:
Actual results After 2 hours
We have noticed that this issue has not been updated for a period of more than 14 Days. Hence we assume that this issue is fixed now, so we are closing it. Please raise a fresh ticket or reopen this ticket if you need more assistance on this.
Hello guys, In case someone is having some problem as well. We started having this problem after upgrading from magento 2.3* to Magento 2.4.3-p2. Our problem here was fixed by:
resetforgottenpassword.phtml
in our custom theme, to include the customerId in the form action. Like @hostep had commented above: https://github.com/magento/magento2/issues/35487#issuecomment-1129189569Forgot Password
template to see the difference between the 'new' one in magento2.4 and the one you've been using.
The old version: [_query:[token:$customer.rp_token],_nosid:1]
The one updated: [_query:[id:$customer.id,token:$customer.rp_token],_nosid:1]
You can see that a new parameter is added to the button url, id
in this case.Summarizing:
Thank you for reporting and collaboration. Verified the issue on Magento 2.4-develop and 2.4.5 instances and the issue is reproducible on both the instances.
We are not getting any exception.But the session has expired, and again we need to Login.
Steps to reproduce :
1.Have 2 browsers open. One with the magento shop, second one with your gmail account.
2.Register a new customer.
3.In the first browser, click on the "forgotten password" link and enter your email address. You'll be redirected to a customer login page. Don't close the tab.
4.In the second browser, click on the "reset password" link in your gmail account. A new browser tab will open. Set a new password.
5.Go back to the first browser, enter your new login information and click on the "login" button.
and i got Capture
Got the same than @royalkaroma on 2.4.4
Reset Password link not working where outlook mail
Preconditions (*)
Steps to reproduce (*)
Expected result (*)
Actual result (*)
Please provide Severity assessment for the Issue as Reporter. This information will help during Confirmation and Issue triage processes.