Hi I'm having a small Catch22 on a site:

  • User requests password
  • User uses emailed link to login
  • User clicks edit to set a new password
  • User is asked for the Current password

What is wrong in my logintoboggan setup that gets my users into this loop?

Comments

Gham’s picture

Hi

Just came across this very issue and solved it by using this module :

http://drupal.org/project/nocurrent_pass

It allows you to disable the requirement for the current password.

G.

blazindrop’s picture

I thought I was having a LoginToboggan-related issue and decided to try to reproduce your issue. Using D7.8 and LoginToboggan 7.x-1.3 and following your steps I cannot reproduce; when I login using the one-time login and go to my user edit page, I'm not asked for my password.

Can you tell us what your LoginToboggan settings are from /admin/config/system/logintoboggan?

Andrés Chandía’s picture

Hi there I'm having the same issue, so these are my settings:

Drupal 7.16
Login Toboggan 7.x-1.3

Configuration:
Allow users to login using their e-mail address YES
Use two e-mail fields on registration form YES
Set password NO
Override destination parameter NO
Present login form on access denied (403) YES
Display login successful message YES
Minimum password length 8

I do receive the one time login, when requesting a new password, that sends me to a page with next info:

You have successfully validated your e-mail address.

Reset password

This is a one-time login for Andrés Chandía and will expire on Tue, 06/11/2012 - 12:57.
Click on this button to log in to the site and change your password.
This login can be used only once.
LOGIN

Clicking on LOGIN sends me to my profile page, then I go to EDIT, to change my password, and here it asks me for my "Current password" which I don't know, that's why I'm requesting a new password, and I cannot set a new password because I don't know my current one:

Your current password is missing or incorrect; it's required to change the Password.

Probably I'm doing something wrong, could you give me some advice on how to solve this?

Thanks.

DynamicSoftware’s picture

Andrés,

I'm having the exact same problem as you are. I have a new website I'm trying to launch and can't seem to get past the registration because of this issue.

If anyone knows how to correct this, it would be greatly appreciated.

Thanks,
Domenic

cristiroma’s picture

We are facing the same issue, but this is a Drupal bug described here http://drupal.org/node/1596960

Road Kill’s picture

Andrés Chandía’s picture

Thanks, this module did the trick!

matt.rad’s picture

I am having this issue as well. It seems like a bug to me.

At any rate, Password Hustle solved it, and added something nice to my site in the process. Thanks Road Kill!

matt.rad’s picture

After more testing, I found that Password Hustle resulted in something weird that I did not like during password recovery (using the onetime login and entering then entering the new password via Password Hustle sent me back to the login...), so I went back to looking for a solution to this and found this thread:

https://drupal.org/node/1777422

Turns out the action I had set to send a user to their user page after logging in was the spanner in the works.

stevecowie’s picture

Status: Active » Closed (won't fix)

Thanks matt.rad for sharing that. It feels like this is not really a logintoboggan issue so we'll close this thread for now.

joe.didonato’s picture

This is happening on the Drupal.org site itself for me trying to create an account...

tagyoureit’s picture

Issue summary: View changes

Yes, agree with Joe... I can't set a password on DRUPAL.ORG because the one-time link requires a current password. D'oh!

nally’s picture

I am also experiencing this on drupal.org itself. Sorry for the "me too post" but can we find out what module structure drupal.org has? That may provide a clue to the underlying problem.

nally’s picture

Project: LoginToboggan »
Version: 7.x-1.3 »
Component: User interface » Code
Category: Support request » Bug report
Status: Closed (won't fix) » Active
nally’s picture

Thanks for the suggestion, YesCT, but I was not logged in initially when I experienced this problem, so that's one data point where this seems to be a different issue.

trevorforrest’s picture

I would suggest the simple password reset module or the pasword reset landing page module to solve this problem
https://drupal.org/project/simple_pass_reset
https://drupal.org/project/prlp

dddave’s picture

Category: Bug report » Support request
Status: Active » Closed (duplicate)

This is not drupal core and a dupe btw.

myke’s picture

I had this exact same problem on a website (Drupal 7). I am using logintoboggan, however, that did not turn out to be the problem.

I had a Rule to redirect users upon login. It turns out this was also redirecting them away from the password reset page.

I used the Path Rules module, and added an additional Condition into the check: The path must NOT contain "user/reset".

I had to add a second rule to redirect to the page I wanted them to go to on login when they update their account.

Everything seems to be working how I want it to now.

donavanwilliams’s picture

@myke: You sir, are the man. #19 - That's exactly what was going on for me. Many thanks!

BassPlaya’s picture

Why not use Drush to solve the issue?
First do
drush upwd 'Admin' --password=new_password

then do
drush uli
Copy and paste that link and log in, reset your Admin account's password, no?

ahmedbsalem2753’s picture

@myke would you please elaborate on your answer? I am dealing with the same issue, when I request to reset my password and go to edit my profile to change it the current password field is set to required and it shouldn't. There is a rule in my workflow and it goes as follow:

Events:
User has logged in

Conditions
None

Actions
Elements: Page redirect
URL Value: admin/workbench

Force Redirect is set to true

Append Destination Parameter is set to False.

Do I need to tweak something so it won't prompt me for my current password when I request a link to reset my password?

I am using Drupal 7
Thanks,t