View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0021929 | mantisbt | authentication | public | 2016-11-18 05:14 | 2016-11-27 00:45 |
Reporter | Stephen Salter | Assigned To | cproensa | ||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | closed | Resolution | won't fix | ||
Product Version | 1.2.19 | ||||
Summary | 0021929: User Verification Link is being consumed before use | ||||
Description | We have a customer who is regularly unable to use the user verification link in the email. It reports that the link has already been used or is invalid. | ||||
Additional Information | When I look at the user entry in the database, it reports a single login, and the last login date is ~17s later than the create date. This seems very quick for a user to have checked their email, clicked the link and entered a new password in two boxes and clicked update. It has also happened to too many independent users for it to be the common user errors. My suspucion is that their email server is somehow testing the link which causes the link to become consumed | ||||
Tags | No tags attached. | ||||
Your issue seems like it's caused by the expiration of authentication links, described and fixed in 0020686, 0006009 Fixed in version >= 1.3.0 We are resolving this issue as "no change required", because it was reported against an old version of MantisBT |
|