Verified Commit d01bb38b authored by Jess's avatar Jess
Browse files

Issue #3282420 by RhiP, cilefen: Ask new users to set, instead of change, their password 

(cherry picked from commit b66feed7)
parent 705850f1

core/modules/user/src/Controller/UserController.php

+1 −1
Original line number Diff line number Diff line
@@ -244,7 +244,7 @@ public function resetPassLogin($uid, $timestamp, $hash, Request $request) { 
    elseif ($user->isAuthenticated() && ($timestamp >= $user->getLastLoginTime()) && ($timestamp <= $current) && hash_equals($hash, user_pass_rehash($user, $timestamp))) {

      user_login_finalize($user);

      $this->logger->notice('User %name used one-time login link at time %timestamp.', ['%name' => $user->getDisplayName(), '%timestamp' => $timestamp]);

      $this->messenger()->addStatus($this->t('You have just used your one-time login link. It is no longer necessary to use this link to log in. Please change your password.'));

      $this->messenger()->addStatus($this->t('You have just used your one-time login link. It is no longer necessary to use this link to log in. Please set your password.'));

      // Let the user's password be changed without the current password

      // check.

      $token = Crypt::randomBytesBase64(55);