Skip to content

Can't create/reset user password if user address is not valid #27954

Closed
@rafal-kos

Description

@rafal-kos

Preconditions (*)

  1. Magento 2.4-develop
  2. Open Create New Account Options and enable Require Emails Confirmation
  3. Create user with address (no special validation) via admin

Steps to reproduce (*)

  1. Add some kind of validation to address fields (limit length for city name)

UPDATE customer_eav_attribute SET validate_rules='{"input_validation":1,"min_text_length":0,"max_text_length":2}'
WHERE attribute_id=(SELECT attribute_id FROM eav_attribute WHERE entity_type_id=2 AND attribute_code='city');

OR for example you could create a plugin beforeSave on \Magento\Customer\Api\AddressRepositoryInterface that will add custom validation of address data.
2. Go to frontend
3. Click Sign In
4. Click Forgot Your Password?
5. Fill fields and click Reset My Password
6. Open email and click Set a New Password

Expected result (*)

  1. Forgot password functionality should allow the user to reset password
  2. Address data shouldn't be used in reset password process

Actual result (*)

  1. You will be redirected to Forgot Your Password? page

Problem is in class Magento\Customer\Model\ForgotPasswordToken\ConfirmCustomerByToken in method execute which runs save on customer object.

We should disable address validation in this process or make an error message more clear for user.

Metadata

Metadata

Assignees

Labels

Component: CustomerFixed in 2.4.xThe issue has been fixed in 2.4-develop branchIssue: ConfirmedGate 3 Passed. Manual verification of the issue completed. Issue is confirmedIssue: Format is validGate 1 Passed. Automatic verification of issue format passedIssue: Ready for WorkGate 4. Acknowledged. Issue is added to backlog and ready for developmentPriority: P3May be fixed according to the position in the backlog.Progress: doneReported on 2.4.0Indicates original Magento version for the Issue report.Reproduced on 2.4.xThe issue has been reproduced on latest 2.4-develop branchSeverity: S2Major restrictions or short-term circumventions are required until a fix is available.Triage: DoneHas been reviewed and prioritized during Triage with Product Managers

Type

No type

Projects

Status

Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions