Set password through link
kimboslice99 opened this issue · comments
Describe the bug
The "Set password through link" option doesnt seem to work
To Reproduce
Check the box, attempt to reset password
Configuration
[password_resets]
; settings for the password reset handler.
; enable to store provided email addresses, monitor jellyfin directory for pw-resets, and send reset pins
enabled = true
; path to the folder jellyfin puts password-reset files.
watch_directory = C:\Users\jellyfin\AppData\Local\jellyfin
; send users a link to reset their password instead of a pin. must be enabled to reset ombi password at the same time as the jellyfin password.
link_reset = true
; instead of automatically setting the user's password to the pin, allow them to set a new password through the reset link.
set_password = true
Platform/Version
Windows
A little investigation, It would seem this option works if invoked via the API
iwr "https://sub.domain.tld/accounts/my/password/reset/test" -Method Post
Then I get the password reset page, but if I go through the forgot password option on jellyfin then it will only give me the code, as if that option werent checked
Yeah sorry, I think when I did the userpage I got confused by the mess of PWR possibilities and accidentally broke this feature. There's no way of checking a jellyfin-generated PIN is valid except from actually using it which I don't want to do until you've given a new password, so in 83712a6 the set password page is just served always, and then applying the new password will fail is the PIN is invalid.
I'll get that fixed now.
Awesome, wasnt sure if theres supposed to be a captcha there too
should be fixed in 278588c, although thinking about it a captcha probably isn't necessary on such a page.
yeah youre probably right
thanks for all the work youve done here, saves me dealing with my own fork