Unverified Commit deead9fd authored by Alex Pott's avatar Alex Pott
Browse files

Issue #2855328 by danflanagan8, sourabh.singhal, Pancho, aarti zikre,... 

Issue #2855328 by danflanagan8, sourabh.singhal, Pancho, aarti zikre, asad_ahmed, priscarabelli, anushrikumari, ashwinparmar, vikashsoni, cilefen, ideaseed, Archana.Phatangare, quietone, finex, alexpott, catch, smustgrave, sugaroverflow: Password and confirm password should be mandatory fields while setting up password using one time link following by email

(cherry picked from commit 0b78493d)
parent 4c92f5a8

core/modules/user/src/AccountForm.php

+6 −3
Original line number Diff line number Diff line
@@ -157,9 +157,12 @@ public function form(array $form, FormStateInterface $form_state) { 
        ];

        $form_state->set('user', $account);



        // The user may only change their own password without their current

        // password if they logged in via a one-time login link.

        if (!$form_state->get('user_pass_reset')) {

        // If logged in via a one-time login link entering a new password is

        // required and the user does not need to enter their current password.

        if ($form_state->get('user_pass_reset')) {

          $form['account']['pass']['#required'] = TRUE;

        }

        else {

          $form['account']['current_pass']['#description'] = $this->t('Required if you want to change the <em>Email address</em> or the <em>Password</em> field below. <a href=":request_new_url" title="Send password reset instructions via email.">Reset your password</a>.', [

            ':request_new_url' => Url::fromRoute('user.pass')->toString(),

          ]);

core/modules/user/tests/src/Functional/UserPasswordResetTest.php

+4 −0
Original line number Diff line number Diff line
@@ -138,6 +138,10 @@ public function testUserPasswordReset(): void { 
    $this->assertSession()->linkExists('Log out');

    $this->assertSession()->titleEquals($this->account->getAccountName() . ' | Drupal');



    // Try to save without entering password.

    $this->submitForm([], 'Save');

    $this->assertSession()->pageTextContains('Password field is required.');



    // Change the forgotten password.

    $password = \Drupal::service('password_generator')->generate();

    $edit = ['pass[pass1]' => $password, 'pass[pass2]' => $password];