Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

User password change is not working #18923

Closed
fdellwing opened this issue Sep 16, 2020 · 5 comments
Closed

User password change is not working #18923

fdellwing opened this issue Sep 16, 2020 · 5 comments
Assignees
@gabriellsh

Comments

@fdellwing
Copy link

Description:

If any user (admin or normal user) tries to change his password, it seems to work, but the new password is not working afterwards. I an admin sets a new password via the backend, the new password works.

Steps to reproduce:

  1. Go to "My Account"
  2. Enter new password twice
  3. Click "Save changes"
  4. Enter old password
  5. Save and see success message

Expected behavior:

The newly set password works after logging out.

Actual behavior:

The newly set password does not work after logging out, but the old one works.

Server Setup Information:

  • Version of Rocket.Chat Server: 3.6.1
  • Operating System: Ubuntu 18.04
  • Deployment Method: docker
  • Number of Running Instances: 3
  • DB Replicaset Oplog: Yes
  • NodeJS Version: 12.16.1
  • MongoDB Version: 3.6.9

Client Setup Information

  • Desktop App or Browser Version: Desktop App 2.15.3 and Firefox 80.0.1
  • Operating System: Kubuntu 18.04

Additional context

None.

Relevant logs:

There are no errors in the log.
@anuragxxd
Copy link

It works perfectly fine for me. Changing the password from my account is working.

Version of Rocket.Chat: 3.7.0
NodeJS Version: 12.18.3
MongoDB Version: 4.2.8
Operating System: MacOS

@axkibe
Copy link

axkibe commented Sep 22, 2020
edited

Same issue:
Version: 3.6.2
NodeJs: v12.14.0
OS: debian linux (I followed this, https://docs.rocket.chat/installation/manual-installation/debian/ I just had to change mongodb repository to fit to buster)

Note, maybe this is of importance, this is configured as a standalone system, not registered with cloud services.
Using nginx reverse proxy for SSL.

Also putting the wrong password in the current password verification field has no effect, it will report "success" the same way as putting the correct password, but the password will not be changed regardless.

PS: If you need any specific info I'll gladly help to get this resolved.

@fdellwing
Copy link
Author

fdellwing commented Sep 22, 2020
edited

Our instance is cloud registered and we use haproxy as loadbalancer/reverse proxy.

Also putting the wrong password in the current password verification field has no effect, it will report "success" the same way as putting the correct password, but the password will not be changed regardless.

I can also confirm this, you can put anything in that field.

P.S. Also he asks for old password and OTP, the OTP needs to be correct!

@gabriellsh
Copy link
Member

Fixed by #18836. Will be released in 3.7.0.

@dsobrinho40
Copy link

Hi team
During the process configure the new admin user I forgot the password and the recovery via email is not working.
How can I proceed?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gabriellsh gabriellsh

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@axkibe @fdellwing @gabriellsh @dsobrinho40 @anuragxxd