openerp-india team mailing list archive

Thread
Date

[Bug 1162914] Re: auth_signup: Password reset by email stopped working

To: openerp-india@xxxxxxxxxxxxxxxxxxx
From: Isaac Richter <laughingjudge@xxxxxxxxx>
Date: Wed, 04 Sep 2013 15:22:06 -0000
Reply-to: Bug 1162914 <1162914@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

It looks like there is a race condition between the rpc calls to
/auth_signup/retrieve (verify the auth token) and
/auth_signup/get_config (determine whether password reset buttons and
signup buttons are permitted). Whichever one finishes second gets to set
up the form, so if the auth token verification is faster than the signup
checks, the browser will briefly display the reset form before switching
to the normal login form.

I've attached a patch against the 7.0-20130903-231112-1 nightly deb that
doesn't bother calling get_config if it's already called to verify the
auth token.

** Patch added: "auth_signup diff against 7.0-20130903-231112-1"
   https://bugs.launchpad.net/openobject-addons/+bug/1162914/+attachment/3802490/+files/auth_signup_bug1162914.diff

-- 
You received this bug notification because you are a member of OpenERP
Indian Team, which is subscribed to OpenERP Addons.
https://bugs.launchpad.net/bugs/1162914

Title:
  auth_signup: Password reset by email stopped working

Status in OpenERP Addons (modules):
  Confirmed

Bug description:
  Steps to reproduce:

  1. Go to user profile
  2. Click on button to reset password
  3. Go to email and click on link to reset password

  Expected: Form with fields to insert new password

  Observed: normal login form, with pre-filled and read-only username

  Possible fix:

  I've looked at the code, and it seems it's re-setting the form type as
  "default" even if it's a reset request. I've commented that line and
  it seems to work fine now.

  Diff:

  === modified file 'auth_signup/static/src/js/auth_signup.js'
  --- auth_signup/static/src/js/auth_signup.js	2013-02-28 16:44:17 +0000
  +++ auth_signup/static/src/js/auth_signup.js	2013-04-01 17:33:15 +0000
  @@ -57,7 +57,7 @@
                       self.rpc("/auth_signup/get_config", {dbname: dbname}).done(function(result) {
                           self.signup_enabled = result.signup;
                           self.reset_password_enabled = result.reset_password;
  -                        self.set('login_mode', 'default');
  +                        // self.set('login_mode', 'default');
                       });
                   } else {
                       // TODO: support multiple database mode

To manage notifications about this bug go to:
https://bugs.launchpad.net/openobject-addons/+bug/1162914/+subscriptions