User tests: Successful: Unsuccessful:
Pull Request for Issue #24269 .
Added new column of resetToken to users table.
Reset token expires after 3 days
The issue originally for 3.9 also existed in 4.0
Please refer to the original issue for details.
Status | New | ⇒ | Pending |
Category | ⇒ | SQL Administration com_admin Postgresql Templates (admin) Front End com_users Language & Strings |
Category | SQL Administration com_admin Postgresql Templates (admin) Front End com_users Language & Strings | ⇒ | Administration com_admin com_users Front End Postgresql SQL Templates (admin) |
I doubt the change in the template is intentional ;) also, seems like a very convoluted way to determine if the resettoken is > 3 days? wouldn't now - date > (24 * 3600) * 3
be simpler to check? Do I also read it correct that now if you have an activationToken, you can never complete the reset process?
I have tested this item
From #JMAD19 PBF
This PR already has two tests on the same commit ... but the system is counting only one....
I'm retesting it and making it count... it has 3 tests now.
Labels |
Added:
Conflicting Files
?
|
Category | SQL Administration com_admin Postgresql Templates (admin) Front End com_users | ⇒ | SQL Administration com_admin Postgresql Front End com_users Language & Strings |
Labels |
Added:
?
Removed: ? |
Labels |
Added:
?
Removed: Conflicting Files ? |
you need to add that new field resetToken
on installation too
Labels |
Added:
?
Removed: ? |
Labels |
Added:
Conflicting Files
?
Removed: ? |
Category | SQL Administration com_admin Postgresql Front End com_users Language & Strings | ⇒ | SQL Administration com_admin Postgresql Templates (admin) NPM Change Front End com_users Language & Strings |
Labels |
Added:
NPM Resource Changed
|
Labels |
Added:
?
Removed: ? |
Category | SQL Administration com_admin Postgresql Front End com_users Language & Strings Templates (admin) NPM Change | ⇒ | Unit Tests Repository Administration |
Labels |
Added:
?
?
Removed: ? NPM Resource Changed ? |
Category | Administration Unit Tests Repository | ⇒ | SQL Administration com_admin Postgresql Front End com_users Language & Strings |
Labels |
Added:
?
Removed: ? |
Category | Administration SQL com_admin Postgresql Front End com_users Language & Strings | ⇒ | SQL Administration com_admin Postgresql Front End com_users |
Labels |
Removed:
?
|
Category | Administration SQL com_admin Postgresql Front End com_users | ⇒ | SQL Administration com_admin Postgresql Front End com_users Language & Strings |
I have tested this item
I have tested this item
Now the only thing missing is the possibility to set the expiration time for the token to the minute instead of having hardcoded 3 days.
I also think it would be a good practice to delete the reset token after confirmation and forwarding to the password change form, so that it can be used only once.
Labels |
Added:
?
?
|
Category | Administration SQL com_admin Postgresql Front End com_users Language & Strings | ⇒ | SQL Administration com_admin Postgresql Front End com_users Installation Language & Strings |
Labels |
Added:
Language Change
?
?
bug
Removed: ? ? ? ? |
The update SQL scripts would need a rename so they have the right version 4.1 and a newer date than the latest one which is already in the 4.1-dev branch, for example rename them from "4.0.0-2021-03-15.sql" to "4.1.0-2022-01-22.sql".
Labels |
Added:
?
Removed: ? |
Labels |
Removed:
bug
|
This pull request has automatically rebased to 4.2-dev.
This pull requests has been automatically converted to the PSR-12 coding standard.
Title |
|
Labels |
Added:
Ready to take over
?
?
PR-5.0-dev
Removed: ? |
Labels |
Added:
Maintainers Checked
Removed: ? |
This pull request has been automatically rebased to 5.1-dev.
I have tested this item ✅ successfully on f101243
Tested successfully
Labels |
Added:
Feature
Updates Requested
PR-5.1-dev
Removed: ? ? PR-5.0-dev |
Title |
|
I have tested this item ? unsuccessfully on f101243
Some of this worked. The user was not deactivated when the password reset was requested.
However, after logging in successfully the reset number did not return to zero - it remained at 1 - and even 2 when I reran the test.
I think there is a setting (?) that can be used to limit the number of resets, so in that case it matters. If reset has been requested and the user logs in, I guess reset count can be changed to whatever it is minus 1.
Also, the last reset time field still had the date - not "0000-00-00 00:00:00"
The
This pull request has been automatically rebased to 5.3-dev.
Title |
|
I have tested this item✅ successfully on 3f1645c
Tested this successfully.
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/24461.