Infinite URL redirection when logging in after resetting password
|Reported by:||siddhu.warrier@…||Owned by:||pacopablo|
I'm using SessionStore to store the password in the MySQL database. I'm using the 0.11 version of Trac Account Manager
I found that if I were to:
- Reset password and have it emailed to me.
- Log in with the new password.
I keep getting redirected, infinitely. I fooled about with the code and figured that, in do_account, the session variable 'force_change_passwd' was not being reset if the request method was not 'POST':
This can be fixed by adding the following to acct_mgr/web_ui.py:
However, this does not completely fix the problem (just works around it and allows me to log in), as the chrome warning does not appear. I did a bit of an inspect and walk through (very amateurishly), and found the following function calls occuring in web_ui.py of the AccountManager plugin:
called by ('/usr/lib/python2.5/site-packages/trac/prefs/web_ui.py', 73, 'process_request', template, data = chosen_provider.render_preference_panel(req, panel_id)\n?, 0).
In _do_account as user Superman.
called by ('build/bdist.linux-x86_64/egg/acct_mgr/web_ui.py', 196, 'render_preference_panel', None, None).
Resetting session variable...
As you can see, post_process-request is called twice after I reset the session variable. So the chrome warning is lost. Unfortunately, I could not dig in further due to temporal constraints.
I hope this helps.