Closed aputtu closed 7 months ago
Thanks for reporting it @aputtu. The issue including log warning on no match should be resolved in svn rev5893 and the corresponding git revisions here.
Additional robustness fixes for ancient versions of cryptography
were added in svn rev 5894 and the corresponding git versions.
Requesting a password reset can fail, if email address provided in reset request has uppercase letter(s). It silently fails, meaning that user do not receive notification.
Since Migrid seems to lowercase transform email addresses provided at sign-up, and during password request checks for match with case-sensitivity, it can cause silent rejection when persons request password reset.
Steps to reproduce:
Suggestions for added admin/support :