Rick Vasquez Posted August 22 Posted August 22 tested resetting passwords due to a large number of the same complaints within an hour password links saying they are invalid. There is no errors in the logs and the link does go to the correct place with a correct key, but just gives the same error even on accounts with admin access.
teraßyte Posted August 22 Posted August 22 Did you customize the email templates at some point perhaps? The last 4.7.18 update changes the templates to include a new security key in the URLs, without it you'd always get an error no matter what. Stuart Silvester 1
Jim M Posted August 22 Posted August 22 33 minutes ago, Rick Vasquez said: but just gives the same error even on accounts with admin access. Are you going to another user's password reset link? If so, that would be intended as you are not the user.
Rick Vasquez Posted August 23 Author Posted August 23 20 hours ago, teraßyte said: Did you customize the email templates at some point perhaps? The last 4.7.18 update changes the templates to include a new security key in the URLs, without it you'd always get an error no matter what. no, I am using sendgrid and their link trackers, i can likely turn that off, but I'd assume it works because of the API integration. 20 hours ago, Jim M said: Are you going to another user's password reset link? If so, that would be intended as you are not the user. No, this is for the intended users and users are unable to reset their passwords.
Jim M Posted August 23 Posted August 23 12 minutes ago, Rick Vasquez said: o, I am using sendgrid and their link trackers, i can likely turn that off, but I'd assume it works because of the API integration. You will want to turn that off to test. It has caused issues in the past because it malforms URLs.
teraßyte Posted August 23 Posted August 23 Using SendGrid won't matter if you changed the email templates, but based on your reply you haven't changed them. 🤔 Try what Jim M suggested and see how it goes.
Rick Vasquez Posted August 24 Author Posted August 24 turning link tracking off seems to have worked, but also that's a bit lame that it won't work with it on.
teraßyte Posted August 24 Posted August 24 Sendgrid's link tracking often breaks links. They really should make it a bit more robust... 🙄
Jim M Posted August 24 Posted August 24 9 hours ago, Rick Vasquez said: turning link tracking off seems to have worked, but also that's a bit lame that it won't work with it on. Glad to hear that turning it off worked. I would advise contacting SendGrid as it is their link tracking which is breaking it. Think of it like sending a letter via the postal service and they chop off a portion of the letter which makes it unreadable.
Rick Vasquez Posted September 25 Author Posted September 25 yeah, it worked and then they started injecting the link tracking again even with it off. I'm trying to figure out why a first party integration doesn't just work. I'll move to an SMTP based approach instead of the API.
Rick Vasquez Posted September 25 Author Posted September 25 also I spoke too soon it seems like this is still an issue even without branded links and with full URL's that look like this: https://www.domain.com/board/index.php?app=core&module=system&controller=redirect&url=https://www.domain.com/board/lostpassword/?do=validate%26vid=<someslug>%26mid=<somememberid>&key=<anotherslug>&email=1&type=lost_password_init
Jim M Posted September 25 Posted September 25 Do you have a full example of the link here? You can place it in the notes section of the Access Details area of the Client Area if you do not wish to post here.
Rick Vasquez Posted September 27 Author Posted September 27 You mean like a potentially valid full one?
Marc Posted September 27 Posted September 27 Yes please. Add this within the notes area of your client area. Not here
Rick Vasquez Posted September 28 Author Posted September 28 could this be if I enabled 2 factor while some users were dormant and couldn't log in to add it before it being required to log in and forgetting their password? I think this may be the issue as I had to do that recently for the community due to a breach from the 4.18 patch fix.
Rick Vasquez Posted September 28 Author Posted September 28 Alright I did this after logging in without asking for a reset and changing the password etc. It is still not working added to notes now. @Marc @Jim M Thanks!
Jim M Posted September 28 Posted September 28 We would need to look further into this for you, however the access details on file appear to be incorrect or missing. Could you please update these details by visiting your client area, selecting the relevant purchase, then clicking "Review/Update Access Information" under the "Stored Access Information" section. We look forward to further assisting you. SeNioR- 1
Rick Vasquez Posted October 2 Author Posted October 2 On 9/28/2024 at 4:15 PM, Jim M said: We would need to look further into this for you, however the access details on file appear to be incorrect or missing. Could you please update these details by visiting your client area, selecting the relevant purchase, then clicking "Review/Update Access Information" under the "Stored Access Information" section. We look forward to further assisting you. updated, sorry for the latency it seems like email notifications aren't coming in.
Rick Vasquez Posted October 24 Author Posted October 24 the issue persists was there any cause found?
Marc Posted October 24 Posted October 24 Are these password resets that were done a while ago by any chance?
Marc Posted October 25 Posted October 25 The template is indeed modified on your system, as mentioned further up on this topic. You need to revert that, as its why you have issues.
Recommended Posts