Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#1860 closed improve feature (fixed)

Migrate lost password to rox code

Reported by: shevek Owned by: shevek
Priority: major Milestone: 1.5
Component: BW Profile Keywords:
Cc: globetrotter_tt

Description (last modified by jsfan)

According to a comment by globetrotter_tt in #1738: "But we should really rewrite the password retrieval soon as members complain about the current tool a lot."

Related: #1953

Change History (29)

comment:1 Changed 6 years ago by shevek

Please take the input for #497 into account.

comment:2 Changed 6 years ago by shevek

See #1866 (closed): Introduce new word codes to be able to add the username to the message in a nicer way.

Last edited 6 years ago by shevek (previous) (diff)

comment:3 Changed 6 years ago by globetrotter_tt

Actually code for this already exists. This has been done some time ago, but it never went to the git repo (as some other parts of the old test repository).

If you want, I could send you the files by mail.

comment:4 Changed 6 years ago by shevek

Please do.

comment:5 Changed 6 years ago by shevek

  • Keywords 1.4 added

comment:6 Changed 6 years ago by jsfan

  • Keywords 1.5 added; 1.4 removed
  • Milestone changed from unassigned to 1.5

comment:7 Changed 6 years ago by shevek

  • Keywords 1.5 removed
  • Owner set to shevek
  • Status changed from new to assigned

I checked the code I got from globetrotter_tt. While first thinking that I can't use too much of it, it was pretty useful.

Commit: https://gitorious.org/~thisismeonmounteverest/bewelcome/thisismeonheiligenberg-rox/commit/1ce516791e2ef5bd14b9e99516e6e3d094961b37

Changing the way to reset the password (using a link to reset it) would need a new database table to store the hashes and salts for the links. That update has to wait till welen I'd say.

Last edited 6 years ago by shevek (previous) (diff)

comment:8 Changed 6 years ago by shevek

  • Status changed from assigned to local_testing

comment:9 Changed 6 years ago by shevek

  • Milestone changed from 1.5 to unassigned

Removed milestone as the code isn't on develop.

comment:10 Changed 6 years ago by jsfan

I did not remove this one because it is set to major at least and I also see it as major. However, if you do not want to contribute it to this milestone, I will take over the ticket.

comment:11 Changed 6 years ago by jsfan

  • Milestone changed from unassigned to 1.5
  • Status changed from local_testing to needs_work

comment:12 Changed 6 years ago by shevek

  • Status changed from needs_work to local_testing

Migrated lost password code to rox and renamed it to reset password.

Commit: https://gitorious.org/bewelcome/rox/commit/51a6006298fde9790b85c9730b8da4d6d87f1fe3

bw/lostpassword.php should be redirected to resetpassword/ now but I don't know where to do it.

comment:13 Changed 6 years ago by jsfan

Again, there is a bit of mixing of camel case and lower case names. :(

comment:14 Changed 6 years ago by shevek

And I finally understood why. I obviously thought the function called from routes need to be lowercase.

The following commit also fixes a redirection problem to the finish page.

https://gitorious.org/bewelcome/rox/commit/55dcdb895c4fb557641b97ece7d548f704b90b34

Note: If you have skip_password_test enabled you can't really test this :-)

So either deactivate that or use verification to check the new password. Also try to change the password.

comment:15 Changed 6 years ago by crumbking

again mails still not working here ... so can't test, sorry

comment:16 Changed 6 years ago by jsfan

  • Status changed from local_testing to to_alpha

comment:17 Changed 6 years ago by jsfan

  • Status changed from to_alpha to testing

comment:18 Changed 6 years ago by crumbking

after hitting the lost password link the startpage I get here:

http://alpha.bewelcome.org/resetpassword/

Fatal error: Class 'ResetPasswordPage' not found in /var/rox/deployment/alpha.bewelcome.org-d4aeb0f/build/members/members.ctrl.php on line 758 

comment:19 Changed 6 years ago by shevek

Added missing pages and templates: https://gitorious.org/bewelcome/rox/commit/a7965c4a0b56830b7d37e56da22cd9f69aa8660b

Please test locally if the resetpassword page shows up now.

comment:20 Changed 6 years ago by crumbking

  • Status changed from testing to needs_work

jupp works now locally

comment:21 Changed 6 years ago by crumbking

  • Status changed from needs_work to to_alpha

comment:22 Changed 6 years ago by shevek

  • Status changed from to_alpha to testing

Change status to testing as obviously deployed on alpha.

comment:23 Changed 6 years ago by dima42

works on alpha

comment:24 follow-ups: Changed 6 years ago by jsfan

Is there a reason why you created new word codes for this?

Seems to work otherwise.

comment:25 Changed 6 years ago by jsfan

  • Description modified (diff)

I have created a new ticket regarding using challenge/response instead of just generating a new password.

comment:26 in reply to: ↑ 24 Changed 6 years ago by shevek

Is there a reason why you created new word codes for this?

The problem with the old codes is described in the ticket about adding the username to the reset password mail. Mainly the idea was to be able to migrate smoothly.

Last edited 6 years ago by shevek (previous) (diff)

comment:27 in reply to: ↑ 24 Changed 6 years ago by shevek

Seems to work otherwise.

Closed as fixed?

comment:28 Changed 6 years ago by jsfan

  • Resolution set to fixed
  • Status changed from testing to closed

Closing. The word code probably should have HTML cleaned out to ensure that the text version looks alright.

comment:29 Changed 6 years ago by shevek

Well, we obviously could translate it differently anytime. Any suggestion?

Last edited 6 years ago by shevek (previous) (diff)
Note: See TracTickets for help on using tickets.