Unable to use this if a user has changed their password #2
Comments
|
The module doesn't use the user's password to authenticate but directly signs it in. A password change shouldn't have any effect on the module. There's something else going on. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The scenario.
An new orchard user is created and various other set up done.
As part of a peer review, a user with admin rights will go into the orchard dashboard, go to users, and log in as them to check that things look right before the new orchard user is allowed to use the system.
The new orchard user either forgets their password/decides to change it, they carry on using the site as normal.
However, the user with admin rights goes in at somepoint to check on things, and wants to log in as our new user and can't because their password has been changed.
*I've stepped through the code - in this scenario, it looks like the user is found in the Admin controller, but appears to not authenticate properly - I'm not sure why this is, but they get redirected to the accessdenied method of the users controller, and that fails to authenticate the user and redirect them to the home page.
Help! This is an issue for us
The text was updated successfully, but these errors were encountered: