Details
-
Bug
-
Resolution: Fixed
-
Low
-
None
-
None
Description
At the moment, When a user tries to reset a password with a invalid token, the token expiry message is shown after user has entered the password rather than redirecting much earlier.
Ways to reproduce:
1. Generate a user password reset request and follow the link after 24 hours or just change the token and reach the url, the user will be able to type in password and then will be redirected to generate a new request.