search

sparkpool / studydoer

0 stars 0 forks source link

Forgot Password (Serious take this as highest priority) #21

Closed Sandesh-Agarwal closed 9 years ago

Sandesh-Agarwal commented 9 years ago

When you provide valid mail in forgot password page user get a link to reset its password on his mail.

Now when he click the link he gets to reset password page. user set his password and he is directed to login page.

Now My scenario:

  1. Click on forgot password.
  2. Give valid email id.
  3. Go to your email copy the link.
  4. open any two browser.
  5. copy the link to both browser.
  6. ReSet password page will open in both browser.
  7. provide password and submit in both browser.
  8. Now Set password page is not redirected to any other page instead it redirects to iteself.
  9. So user can set password many time.
sparkpool commented 9 years ago

This is also good point. I think i need to check that user can set password only once.

Again good point @Sandesh-Agarwal

sparkpool commented 9 years ago

fixed and will reflect in next build.