[Koha-bugs] [Bug 31382] Cannot reach password reset page when password expired
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Aug 17 16:55:53 CEST 2022
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=31382
ByWater Sandboxes <bws.sandboxes at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #139249|0 |1
is obsolete| |
--- Comment #2 from ByWater Sandboxes <bws.sandboxes at gmail.com> ---
Created attachment 139297
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=139297&action=edit
Bug 31382: Pass password_has_expired param to templte
This patch restores the param, while still leaving the check against invalid
login credentials to ensure we don't leak information.
To test:
1 - enable EnableExpiredPasswordReset
2 - Edit a patron to set password to expire in the past
3 - Attempt opac login as patron
4 - It fails, but you are redirected to login screen with no info
5 - Apply patch
6 - Attempt login
7 - You are notified password expired and given reset link
8 - Go back to login screen
9 - Login with correct username,, wrong password
10 - You are notified of incorrect credentials, not password expiration
Signed-off-by: Andrew Fuerste-Henry <andrewfh at dubcolib.org>
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list