Password Reset Emails Not Working

scottalanmiller

The password change should be fixed on master now. Not sure about the password reset page. Are you on latest?

Also you can check ACP>Advanced>Events to see if the password-reset event went through.

I'm on 0.6.1. Updated to that this morning.

scottalanmiller

@Codejet said:

@baris on 0.6.1

can confirm this issue, it's just after you've typed you new resetted password and push the 'reset' button.. practically does nothing.

but does in fact change the password, no confirmation that it does though

I'll check if it actually worked. If so, we can work with that.

scottalanmiller

The password reset did not work here. Confirmed that the user still cannot log in even with the new password.

codejet

Tried mine again just then, password reset worked, made the password something completely different to my normal.

Old didn't work, resetted one worked.

There's the event, is that looking ok ?
#26 password-reset [[global:guest]] (uid 0) (IP 10.1.1.4) Thu, 12 Feb 2015 02:43:41 GMT

{
"timestamp": "1423709021885"
}

For me clicking the 'reset password' button just sits there

<baris>

Try updating to latest on 0.6.x or on master.

There were missing callbacks so clicking the button looked like it was not doing anything.

@scottalanmiller check out your advanced>events tab and see if there is a password-reset event logged.

scottalanmiller

It looks okay in the events....

{
"_key": "event:17",
"targetUid": "9",
"timestamp": 1423703469641
}

scottalanmiller

Figured it out, account was locked as well. Should a reset include removing a lockout?

<baris>

As far as I can tell resetting the password does reset the lockout here https://github.com/NodeBB/NodeBB/blob/master/src/user/reset.js#L83

scottalanmiller

It does not appear to. I'm wondering if maybe it should? You kind of expect it to.

tekojo

Hi,

I'm facing the same problem.
I'm trying to migrate a medium/large size forum (import plugin system is fantastic!).

As I now try to reset passwords, I get the mail, but the password reset form does nothing (it does complain correctly on too short passwords). During the import, I left the password fields empty.

The events on ACP do not show anything coming in.
I'm on 0.6.x updated this morning.

New user creation works ok.

Editing to say that I'm running on Mongo if that has any impact.

codejet

I fully tested it, my post is back a few posts. Everything works in 0.6.1 just doesn't give any sort of confirmation the reset has completed

tekojo

@Codejet so going back to 0.6.1 would fix it? (except the button not showing that something happened)

This is mostly a theoretical question, as the intention is to have OAuth only for logging in.
But now in the testing phase that would benefit from using some of the accounts locally.

codejet

@tekojo what version are you on ?

I don't use the dev release for fearing code breaking. Haven't bothered trying to find out how to update it, I just don't trust development releases of anything I'm running on my main servers

tekojo

@Codejet good approach.
And thanks for the info.

I'll move us back to 0.6.1 from 0.6.x. It isn't a big operation, we anyway need to run a full import into a clean database when we do the final move.

The experience with NodeBB has been really good.