Forgotten user password procedure error

Sergio · Février 4, 2021, 11:58

Hi,

I am now with 4.6.3 version of fabmanager (thanks for the comunity for the help!), but I missed the password reset test, and a User notify me, that He couldn´t get his password back, then I did tested, and got the followed feedback:

When I go to the e-mail to reset the password I write and rewrite the new password, then after clicking « Confirmar » on the frontEnd, for the user, nothing happen.

And I got the log messages:

Completed 200 OK in 7ms (Views: 4.1ms | ActiveRecord: 0.9ms | Elasticsearch: 0.0ms)
Started POST "/users/sign_in.json" for 172.31.0.3 at 2021-02-04 11:36:21 +0000
Processing by SessionsController#create as JSON
  Parameters: {"user"=>{"email"=>"******@gmail.com", "password"=>"[FILTERED]"}, "session"=>{"user"=>{"em                                                                                                                        ail"=>"sergioandradeschina@gmail.com", "password"=>"[FILTERED]"}}}
  User Load (0.5ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = $1 ORDER BY "users"."id" ASC LIMIT $2  [[                                                                                                                        "email", "*****@gmail.com"], ["LIMIT", 1]]
  Setting Load (0.4ms)  SELECT  "settings".* FROM "settings" WHERE "settings"."name" = $1 LIMIT $2  [["name", "confir                                                                                                                        mation_required"], ["LIMIT", 1]]
  HistoryValue Load (0.2ms)  SELECT  "history_values".* FROM "history_values" WHERE "history_values"."setting_id" = $                                                                                                                        1 ORDER BY "history_values"."created_at" DESC LIMIT $2  [["setting_id", 53], ["LIMIT", 1]]
   (0.1ms)  BEGIN
   (0.2ms)  COMMIT
Completed 401 Unauthorized in 94ms (ActiveRecord: 1.5ms | Elasticsearch: 0.0ms)

Then, The user click again (because it seens that nothing happened), it show a Token Error:

And the log showed it:

Started PUT "/users/password.json" for 172.31.0.3 at 2021-02-04 14:49:17 +0000
Processing by PasswordsController#update as JSON
  Parameters: {"user"=>{"reset_password_token"=>"[FILTERED]", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "password"=>{"user"=>{"reset_password_token"=>"[FILTERED]", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}}}
  User Load (0.5ms)  SELECT  "users".* FROM "users" WHERE "users"."reset_password_token" = $1 ORDER BY "users"."id" ASC LIMIT $2  [["reset_password_token", "29adc9e9e1e601ca04d90658edff6ff1c29f005d394d83e35711b12831db291c"], ["LIMIT", 1]]
Completed 422 Unprocessable Entity in 4ms (Views: 0.3ms | ActiveRecord: 0.5ms | Elasticsearch: 0.0ms)

Anyone would know What could it be?

Thanks in advance

Sergio · Février 5, 2021, 7:51

@Sylvain would you have any idea what could it be?

Sylvain · Février 8, 2021, 7:03

Hi @Sergio,

To confirm your account, you must click on « Confirmar sua conta » and not on « Esqueceu sua senha? » on the login page. This will send you a link to click, by email, but you won’t need to reset your password.

Sergio · Février 11, 2021, 4:02

Hi @Sylvain,

Yes!, it worked.

I was on the 3.6.7 version until december 2020, and I think this step was not available on that version, so I did not notice this step.

sorry about that, my fault!

Thanks about the clarify explanation.

Sergio · Février 11, 2021, 4:17

So this topic that I did create, is not correct about the name.

This was not a System « Forgotten user password procedure error », It was a User ability procedure fault.

Please, If you necessary(and if possible), close and delete this topic.

Sylvain · Février 22, 2021, 7:43