grails-spring-security-core icon indicating copy to clipboard operation
grails-spring-security-core copied to clipboard

Published 20 hours ago verified publisher icon grails

Verifying a new user account does not unlock that account.

Open spierepf opened this issue 7 years ago • 6 comments

Steps to Reproduce

I've created a demo grails app that uses spring-security-ui and contains a failing integration test that I would expect to pass.

$ grails test-app

Expected Behaviour

The test creates a User object with a registration token. That User object has the accountLocked field set to true (which corresponds to the state of that field when a new user account is created through the browser).

I would expect that when the user clicks on the verification link that they receive by email (/registration/verifyRegistration?t=xxxxxxxxxxx) that the accountLocked field would be set to false.

Actual Behaviour

The user is logged in, but their account is still locked, so that future login attempts will fail.

Environment Information

I'm on Windows 10, but I've also tried it on Ubuntu 16.04

$ grails --version |Grails Version: 3.3.8 |Groovy Version: 2.4.15 |JVM Version: 1.8.0_161

Example Application

https://github.com/spierepf/demo

spierepf avatar Nov 29 '18 15:11 spierepf