Support password reset UX

Created on 16 February 2022, almost 3 years ago
Updated 9 February 2023, almost 2 years ago

Problem/Motivation

When a user login with one-time login token, then clicks around, this module redirects the user back to the profile page. However, because the one-time login token is not in the URL parameter anymore, the core AccountForm would require the user to type in the "Current password", which the user might not have. Therefore, the user cannot save the form, but request another one-time login token.

The UX is worse, when the site is configured to "Require email verification when a visitor creates an account", in which the user only sets the password after they login with one-time token. Therefore, if the redirect happens, the user cannot save the form without the current password.

Steps to reproduce

Proposed resolution

Check the user session, if there is pass_reset_USER_ID, then we redirect the user to the profile page with the one-time token.

Remaining tasks

User interface changes

API changes

Data model changes

✨ Feature request
Status

Fixed

Version

1.0

Component

Code

Created by

πŸ‡¨πŸ‡³China skyredwang Shanghai

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Production build 0.71.5 2024