Problem:
Log in to Wikibase.Cloud fails for account registered using task-specific email (e.g. helloworld12+task@gmail.com) after filling out password reset. Password is supposed to be reset but users can somehow use old password to log in.
Steps to reproduce
- Create a new account using a task-specific email (the one with + in it) either on wikibase.dev or wikibase.cloud
- Navigate to https://www.wikibase.cloud/forgotten-password
- Enter the email address associated with your account (i.e. the account that received this email) and select the “Reset” button
- You will receive an email with a link that will allow you to set a new password
- Follow this link and enter a secure new password for your account
- Log in to your Wikibase.cloud account using this new password
Notes
This issue was reported by 1 user.
A/C:
- Option 1: This user agrees to change his email
- Option 2: Fix api to work with task-specific emails
- Write test
- Change user's email to what he initially wants