Enabling CAPTCHA or e-mail for JabberIqRegister breaks password changing functionality. (#1229)

Wojciech Kapcia (Tigase) opened 4 years ago

In order to require additional information before changing the password, the server or service SHOULD return a Data Form in the error stanza:

Currently we just return error:

<!--   2021-01-11T21:22:34Z   >>>>   -->
<iq id='AD486CBD-3E70-4F60-AEC7-658E69742233' to='wojtek@tigase.org/585865504-tigase-22' type='set'>
<query xmlns='jabber:iq:register'>
<username>wojtek</username>
<password></password>
</query>
</iq>

<!--   2021-01-11T21:22:34Z   <<<<   -->
<iq type='error' xmlns='jabber:client' to='wojtek@tigase.org/585865504-tigase-22' from='wojtek@tigase.org/585865504-tigase-22' id='AD486CBD-3E70-4F60-AEC7-658E69742233'>
<query xmlns='jabber:iq:register'>
<username>wojtek</username>
<password></password>
</query>
<error code='400' type='modify'>
<bad-request xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
<text xmlns='urn:ietf:params:xml:ns:xmpp-stanzas' xml:lang='en'>CAPTCHA is required. Please reload your registration form.</text>
</error>
</iq>

I think that for authenticated users we can just skip this requirement and just allow changing the password without additional requirements.

Activities

Wojciech Kapcia (Tigase) commented 4 years ago

Seems to be fixed already (?!). Can't reproduce.
Login to comment

Type	Bug
Priority	Normal
Assignee	Wojciech Kapcia (Tigase)
Version	tigase-server-8.2.0

Issue Votes (0)

Watchers (0)

Reference

tigase/_server/server-core#1229