Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SMS code won't send when captcha is enabled #720

Closed
matazar opened this issue Sep 26, 2022 · 7 comments · Fixed by #721
Closed

SMS code won't send when captcha is enabled #720

matazar opened this issue Sep 26, 2022 · 7 comments · Fixed by #721
Labels
Milestone

Comments

@matazar
Copy link

matazar commented Sep 26, 2022

After upgrading to version 1.5.1, I've found I can't reset the password using the SMS method when the captcha is enabled.

With the captcha enabled, when you press send on the "Check that user information are correct and press Send to get SMS token" page, it redirects you back to the original SMS page claiming "the captcha is required" with no code sent.

When the captcha is disabled, the code is sent and the user is redirected to the SMS token page after clicking send as expected.

No errors are written to the logs file when this happens.

This is on FreeBSD using nginx with the sms_method set to mail. Tested with both PHP74 and PHP80.

@coudot coudot added the bug label Sep 26, 2022
@coudot coudot added this to the 1.5.2 milestone Sep 26, 2022
@coudot
Copy link
Member

coudot commented Sep 26, 2022

May be linked to fix on PHP session management. We need to reproduce and search a solution

@coudot
Copy link
Member

coudot commented Sep 26, 2022

I reproduce.

Should come from #680

@artlog
Copy link

artlog commented Sep 27, 2022

working on

@artlog
Copy link

artlog commented Sep 27, 2022

sendsms.php is called multiple times and the second time (smsuserfound) it is called captcha is not displayed but captcha check is done again.
Before #680 captcha was checked lately in specific cases.
current #680 code did try to check captcha first and consider that once a check is done on captcha can't be rechecked again unless a new captcha is reissued.
sendsms.tpl used in case smsuserfound does not redisplay a captcha but checking is done and then fails.
I have to clarify this captcha checking then.

artlog pushed a commit to Worteks/self-service-password that referenced this issue Sep 27, 2022
- revert to previous behavior of sendsms to place captcha check.
  - sendsms is called mutliple times during sms sending process
    one the first need captcha check.

- was a regression of ltb-project#680
@artlog
Copy link

artlog commented Sep 27, 2022

did kept in sendsms same checking place than before #680 but keep new generic function. fix regression and keep feature.

@artlog
Copy link

artlog commented Sep 27, 2022

@matazar Thanks for the report ! I have to appologize, since i am responsible of this regression.

@coudot coudot linked a pull request Sep 27, 2022 that will close this issue
@matazar
Copy link
Author

matazar commented Sep 27, 2022

@artlog It's no problem, thank you for addressing it so quickly!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants