From 9881b8a4e24bc81b1acd80b51c5c2541b063149e Mon Sep 17 00:00:00 2001 From: Jack Hay Date: Fri, 1 Sep 2023 12:15:39 -0400 Subject: [PATCH] Add more descriptive error on forgot password page (#26848) ## Changes - Forces flashed error to render immediately when forgot password code is incorrect or has expired. - Adds a link back to the `forgot_password` page so that the user can restart the process (in the event that their link has expired) --- options/locale/locale_en-US.ini | 1 + routers/web/auth/password.go | 7 ++++--- templates/user/auth/reset_passwd.tmpl | 2 +- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index 401692388..66f67d489 100644 --- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -379,6 +379,7 @@ email_not_associate = The email address is not associated with any account. send_reset_mail = Send Account Recovery Email reset_password = Account Recovery invalid_code = Your confirmation code is invalid or has expired. +invalid_code_forgot_password = Your confirmation code is invalid or has expired. Click here to start a new session. invalid_password = Your password does not match the password that was used to create the account. reset_password_helper = Recover Account reset_password_wrong_user = You are signed in as %s, but the account recovery link is meant for %s diff --git a/routers/web/auth/password.go b/routers/web/auth/password.go index b34a1d8fc..1432338e7 100644 --- a/routers/web/auth/password.go +++ b/routers/web/auth/password.go @@ -5,6 +5,7 @@ package auth import ( "errors" + "fmt" "net/http" "code.gitea.io/gitea/models/auth" @@ -108,14 +109,14 @@ func commonResetPassword(ctx *context.Context) (*user_model.User, *auth.TwoFacto } if len(code) == 0 { - ctx.Flash.Error(ctx.Tr("auth.invalid_code")) + ctx.Flash.Error(ctx.Tr("auth.invalid_code_forgot_password", fmt.Sprintf("%s/user/forgot_password", setting.AppSubURL)), true) return nil, nil } // Fail early, don't frustrate the user u := user_model.VerifyUserActiveCode(code) if u == nil { - ctx.Flash.Error(ctx.Tr("auth.invalid_code")) + ctx.Flash.Error(ctx.Tr("auth.invalid_code_forgot_password", fmt.Sprintf("%s/user/forgot_password", setting.AppSubURL)), true) return nil, nil } @@ -134,7 +135,7 @@ func commonResetPassword(ctx *context.Context) (*user_model.User, *auth.TwoFacto ctx.Data["user_email"] = u.Email if nil != ctx.Doer && u.ID != ctx.Doer.ID { - ctx.Flash.Error(ctx.Tr("auth.reset_password_wrong_user", ctx.Doer.Email, u.Email)) + ctx.Flash.Error(ctx.Tr("auth.reset_password_wrong_user", ctx.Doer.Email, u.Email), true) return nil, nil } diff --git a/templates/user/auth/reset_passwd.tmpl b/templates/user/auth/reset_passwd.tmpl index ac6eb35f1..d7734bc57 100644 --- a/templates/user/auth/reset_passwd.tmpl +++ b/templates/user/auth/reset_passwd.tmpl @@ -57,7 +57,7 @@ {{end}} {{else}} -

{{.locale.Tr "auth.invalid_code"}}

+

{{.locale.Tr "auth.invalid_code_forgot_password" (printf "%s/user/forgot_password" AppSubUrl) | Str2html}}

{{end}}