openwisp-users icon indicating copy to clipboard operation
openwisp-users copied to clipboard

Published 20 hours ago verified publisher icon openwisp

[bug] Password change page can fail with NoReverseMatch

Open nemesifier opened this issue 1 year ago • 2 comments
trafficstars

@pandafy let's handle this exception:

NoReverseMatch: Reverse for 'account_set_password' not found. 'account_set_password' is not a valid view function or pattern name.
  File "django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "django/core/handlers/base.py", line 197, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "django/contrib/auth/decorators.py", line 23, in _wrapper_view
    return view_func(request, *args, **kwargs)
  File "django/views/generic/base.py", line 104, in view
    return self.dispatch(request, *args, **kwargs)
  File "django/utils/decorators.py", line 46, in _wrapper
    return bound_method(*args, **kwargs)
  File "allauth/decorators.py", line 20, in wrap
    resp = function(request, *args, **kwargs)
  File "django/utils/decorators.py", line 46, in _wrapper
    return bound_method(*args, **kwargs)
  File "django/views/decorators/debug.py", line 92, in sensitive_post_parameters_wrapper
    return view(request, *args, **kwargs)
  File "allauth/account/views.py", line 588, in dispatch
    return super(PasswordChangeView, self).dispatch(request, *args, **kwargs)
  File "django/views/generic/base.py", line 143, in dispatch
    return handler(request, *args, **kwargs)
  File "allauth/account/views.py", line 93, in get
    response = super(AjaxCapableProcessFormViewMixin, self).get(
  File "django/views/generic/edit.py", line 144, in get
    return self.render_to_response(self.get_context_data())
  File "allauth/account/views.py", line 592, in render_to_response
    return HttpResponseRedirect(reverse("account_set_password"))
  File "django/urls/base.py", line 88, in reverse
    return resolver._reverse_with_prefix(view, prefix, *args, **kwargs)
  File "django/urls/resolvers.py", line 828, in _reverse_with_prefix
    raise NoReverseMatch(msg)

nemesifier avatar Feb 15 '24 16:02 nemesifier

This error is raised when the user has registered with social login/SAML and then tries to access the password change page.

For such users, instead of rendering the form at /password/change/ or /password/set/ page, we should show them a message that they registered with third party provider (add name of the service), hence they don't need to set the password.

pandafy avatar Feb 15 '24 16:02 pandafy

"Your account does not use a password for logging in and hence updating the password is not needed."

pandafy avatar Feb 15 '24 17:02 pandafy

Users having unusable password (i.e. registered with social login/saml) would see this on password change page instead of the form:

Screenshot from 2024-06-04 23-02-50

I have adapted the design from the password changes success page

Screenshot from 2024-06-04 23-02-40

pandafy avatar Jun 04 '24 17:06 pandafy