1

A user has forgotten her password, so she uses the 'forgotten password' function. She receives an email with one-time login, and proceeds to edit her profile to set a new password.

But that form requires the old password in order to reset password. A catch 22 situation?

Improve this question

2 Answers 2

Reset to default
1

The forgotten password function should not require the old password. Rather, the password reset link that you get in the email should take you to a password reset page immediately.

The path I got was something like domain.com/user/37/edit?pass-reset-token=[long token string] and on this page, it immediately asks for your new password which you must set.

Improve this answer
4
  • Thanks. The email template has the correct token ( [user:one-time-login-url]) but the URL it emails doesn't contain the word 'edit'. It looks like this domain.com/user/reset/7/xxxxx. Clicking it takes me to a page with a login link, and then I'm logged in. It doesn't take me to a password reset page immediately? Commented Aug 3, 2011 at 14:02
  • 1
    I just tested this and it took me to the account edit page where no old password was required. Do you have additional modules enabled that might be fiddling with the default behavior? The token used in my password reset email is [user:one-time-login-url]. My reset URL looked like this: example.com/user/reset/1/1312385639/… Commented Aug 3, 2011 at 15:37
  • 1
    Ah I found the problem. The site had a trigger/action set to direct to the homepage on login. Stupidly I didn't check for that. Many thanks to nmc and rfay for the spot on answers. Commented Aug 9, 2011 at 8:42
  • If you want to keep the rule though drupal.stackexchange.com/q/38359/39617 Commented Mar 30, 2015 at 17:08
2

Same problem here. My site had an action set to direct to the homepage on login. This helped me a lot to identify it. My solution was to disable the action an set a destination parameter by GET in my template to redirect user to the homepage on login. "/user?destination=/"

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.