0021929: User Verification Link is being consumed before use - MantisBT

ID	Project	Category	View Status	Date Submitted	Last Update

0021929	mantisbt	authentication	public	2016-11-18 05:14	2016-11-27 00:45

Reporter	Stephen Salter	Assigned To	cproensa
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	closed	Resolution	won't fix
Product Version	1.2.19

Summary	0021929: User Verification Link is being consumed before use
Description	We have a customer who is regularly unable to use the user verification link in the email. It reports that the link has already been used or is invalid.
Additional Information	When I look at the user entry in the database, it reports a single login, and the last login date is ~17s later than the create date. This seems very quick for a user to have checked their email, clicked the link and entered a new password in two boxes and clicked update. It has also happened to too many independent users for it to be the common user errors. My suspucion is that their email server is somehow testing the link which causes the link to become consumed
Tags	No tags attached.

duplicate of	0020686	closed	cproensa	Make sure new users complete the registration process
duplicate of	0006009	closed	cproensa	Cannot change password in second enter to verification page

cproensa 2016-11-18 05:28 developer ~0054541	Your issue seems like it's caused by the expiration of authentication links, described and fixed in 0020686, 0006009 Fixed in version >= 1.3.0 We are resolving this issue as "no change required", because it was reported against an old version of MantisBT We recommend that you upgrade to the latest stable version.