openerp-india team mailing list archive

Thread
Date

[Bug 1104070] Re: Password reset will not work when public portal is active

To: openerp-india@xxxxxxxxxxxxxxxxxxx
From: Isaac Richter <laughingjudge@xxxxxxxxx>
Date: Wed, 04 Sep 2013 15:19:22 -0000
Reply-to: Bug 1104070 <1104070@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

It looks like there is a race condition between the rpc calls to
/auth_signup/retrieve (verify the auth token) and
/auth_signup/get_config (determine whether password reset buttons and
signup buttons are permitted). Whichever one finishes second gets to set
up the form, so if the auth token verification is faster than the signup
checks, the browser will briefly display the reset form before switching
to the normal login form.

I've attached a patch against the 7.0-20130903-231112-1 nightly deb that
doesn't bother calling get_config if it's already called to verify the
auth token.

** Patch added: "auth_signup_bug1162914.diff"
   https://bugs.launchpad.net/openobject-addons/+bug/1104070/+attachment/3802489/+files/auth_signup_bug1162914.diff

-- 
You received this bug notification because you are a member of OpenERP
Indian Team, which is subscribed to OpenERP Addons.
https://bugs.launchpad.net/bugs/1104070

Title:
  Password reset will not work when public portal is active

Status in OpenERP Addons (modules):
  Fix Released

Bug description:
  A password reset request will not work when the public portal is
  active. This is caused by the automatic login of the anonymous user,
  thus making any request redirect there and the login form where the
  password can be confirmed is never shown.

To manage notifications about this bug go to:
https://bugs.launchpad.net/openobject-addons/+bug/1104070/+subscriptions

References

[Bug 1104070] [NEW] Password reset will not work when public portal is active
From: Marcel van der Boom (HS-Development BV), 2013-01-24