Skip to content

Add more descriptive error on forgot password page #26848

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 7 commits into from
Sep 1, 2023
Merged

Add more descriptive error on forgot password page #26848

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
6fd1d40
more descriptive error on forgot password page
jackHay22 Aug 31, 2023
3fbdcf7
Merge branch 'main' into jh/feat-reset-password-improvements
jackHay22 Aug 31, 2023
ed49e2e
add appsuburl to links
jackHay22 Sep 1, 2023
63fd822
add true to flash
jackHay22 Sep 1, 2023
b8cd552
Merge branch 'main' into jh/feat-reset-password-improvements
GiteaBot Sep 1, 2023
201e638
Merge branch 'main' into jh/feat-reset-password-improvements
GiteaBot Sep 1, 2023
d17f850
Merge branch 'main' into jh/feat-reset-password-improvements
GiteaBot Sep 1, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions options/locale/locale_en-US.ini
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -379,6 +379,7 @@ email_not_associate = The email address is not associated with any account.
send_reset_mail = Send Account Recovery Email
reset_password = Account Recovery
invalid_code = Your confirmation code is invalid or has expired.
invalid_code_forgot_password = Your confirmation code is invalid or has expired. Click <a href="%s">here</a> to start a new session.
invalid_password = Your password does not match the password that was used to create the account.
reset_password_helper = Recover Account
reset_password_wrong_user = You are signed in as %s, but the account recovery link is meant for %s
Expand Down
7 changes: 4 additions & 3 deletions routers/web/auth/password.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ package auth

import (
"errors"
"fmt"
"net/http"

"code.gitea.io/gitea/models/auth"
Expand Down Expand Up @@ -108,14 +109,14 @@ func commonResetPassword(ctx *context.Context) (*user_model.User, *auth.TwoFacto
}

if len(code) == 0 {
ctx.Flash.Error(ctx.Tr("auth.invalid_code"))
ctx.Flash.Error(ctx.Tr("auth.invalid_code_forgot_password", fmt.Sprintf("%s/user/forgot_password", setting.AppSubURL)), true)
return nil, nil
}

// Fail early, don't frustrate the user
u := user_model.VerifyUserActiveCode(code)
if u == nil {
ctx.Flash.Error(ctx.Tr("auth.invalid_code"))
ctx.Flash.Error(ctx.Tr("auth.invalid_code_forgot_password", fmt.Sprintf("%s/user/forgot_password", setting.AppSubURL)), true)
return nil, nil
}

Expand All @@ -134,7 +135,7 @@ func commonResetPassword(ctx *context.Context) (*user_model.User, *auth.TwoFacto
ctx.Data["user_email"] = u.Email

if nil != ctx.Doer && u.ID != ctx.Doer.ID {
ctx.Flash.Error(ctx.Tr("auth.reset_password_wrong_user", ctx.Doer.Email, u.Email))
ctx.Flash.Error(ctx.Tr("auth.reset_password_wrong_user", ctx.Doer.Email, u.Email), true)
return nil, nil
}

Expand Down
2 changes: 1 addition & 1 deletion templates/user/auth/reset_passwd.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@
{{end}}
</div>
{{else}}
<p class="center">{{.locale.Tr "auth.invalid_code"}}</p>
<p class="center">{{.locale.Tr "auth.invalid_code_forgot_password" (printf "%s/user/forgot_password" AppSubUrl) | Str2html}}</p>
{{end}}
</div>
</form>
Expand Down