Users cannot reset password when the redirect method is enforced as the page times out with error: "The Page isn't redirecting properly". I'm going to submit a patch that will check for reset password query parameter and ignore the redirect if is present.

CommentFileSizeAuthor
#2 entity_legal-disable-redirect-password-reset-2892455-2.patch684 bytesapmsooner
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

apmsooner created an issue. See original summary.

apmsooner’s picture

apmsooner CreditAttribution: apmsooner commented
Status: Active » Needs review
FileSize
entity_legal-disable-redirect-password-reset-2892455-2.patch684 bytes
apmsooner’s picture

apmsooner CreditAttribution: apmsooner commented

Not sure why the test fails for the simple patch but I would appreciate any feedback to get this issue fixed and issued in the next release. I've been submitting various patches on other Drupal 7 modules lately with absolutely no response or attention from the maintainers and its getting very frustrating.

To produce the issue:

  1. Create a legal document with existing users setting set to 'redirect'.
  2. Create a user with role that must agree to the legal document
  3. As user created from step 2, request new password which would send the one time login link
  4. As user click the link from email and then click the button on the one time login page where it should redirect to user/*/password

Because the entity legal document is trying to redirect them to document acceptance page, the page will time out and deliver a redirect error. This patch will check for the query parameter: 'pass-reset-token' and ignore trying to redirect if it exists.