Password reset form error makes no sense when the account is locked

Created on 10 April 2023, over 1 year ago
Updated 18 April 2024, 8 months ago

Problem/Motivation

When the same mailbox requests to recover the password 5 times, it will prompt Password reset form was submitted with an unknown or inactive account: test@drupal.com.. But the user is actually locked. This problem needs to be debugged to find out, and will not directly prompt the user to be locked

Steps to reproduce

  1. install new drupal 9 latest
  2. login and goto /admin/people/create create user, username and email is test@drupal.com and set active
  3. logout and go to /user/password enter email test@drupal.com 5 times
  4. will now prompt: If test@drupal.com is a valid account, an email will be sent with instructions to reset your password.the truth is that this mailbox has been blocked

Proposed resolution

We should tell the user that this email is locked. Instead of other prompts

Remaining tasks

User interface changes

API changes

Data model changes

Release notes snippet

📌 Task
Status

Needs work

Version

11.0 🔥

Component
User system  →

Last updated 1 day ago

Created by

🇨🇳China xiukun.zhou

Live updates comments and jobs are added and updated live.
  • Needs tests

    The change is currently missing an automated test that fails when run with the original code, and succeeds when the bug has been fixed.

Sign in to follow issues

Comments & Activities

Production build 0.71.5 2024