Invalid tokens for password reset
Steps to reproduce
- Log out
- Ask password reset for any user (tested with 2 different ones)
- Correctly receive email with reset link
- Go to the reset form (successfully)
- Enter a new password, click "Submit"
Note that I'm aware this bug may be specific to my instance (https://funk.firobe.fr), but I don't know why it would be the case yet.
What happens?
The UI reports: "Error while changing your password Invalid value"
Analyzing the answer from the server yields a 400 Bad Request reponse, with the payload
{"token": "Invalid value"}The token sent by the request is the one transmitted in the e-mail as expected.
funkwhale-server just reports a bad request on the endpoint
What is expected?
The token sent by email is accepted by the API to reset the password.
Context
Funkwhale version(s) affected: 1.3.1+git.cc7fde67
Instance configuration: non-docker, nginx