Password Change ?ssue

if user change the password from his account page this doesnt change auth0 user password.

This was addressed in the last release, 3.8.0. I just walked through the process just now and everything works as expected.

Are you getting an error message or failed log entry?

Okay i checked it again.
If i change user password from admin dashboard auth0 also uses same password.It works. But if i change it from woocommerce user dashboard where users can change their password under edit account tab. It doesnt work. In this case user password succesfully changed in wordpress database but not in auth0.

I tried in ?wle with new password i can login but with auth0 i cant

Dahsboard log errors when i try new password which is set from user dashbaord:

1- Failed Silent Auth
2- Failed Login (wrong password)
3- Failed cross origin authentication
4- Failed Silent Auth

Thanks for the legwork here. So I’m clear, you’re saying that it does not change through the WooCommerce user dashboard (front end of the site) but it does change when edited through the profile or user edit in WP-admin?

I’ll test that out, should not be difficult to add that same logic to WooCommerce’s password processing.

Yes exactly. if you change from wp-admin auth0 gets exactly same password what you choose as a new password which means it works on both. but if you change the password on woocommerce user account dashboard through front-end, auth0 doesnt recognise the new password.

Kind Regards.

OK, I’ll look into this as a part of the patch release coming out this week. Thanks again for the report.

Thank you Josh.

Okay, I checked the 3.8.1 it works.

I changed existing user password from Woocommerce account page it changed.
Logged out the user and try to login with auth0, there was no problem.

But; ??

When I was trying to change the password from front-end It gave old password is not correct error notification all the time even with different users.

So it works but it gives error notification.

Other Issues with 3.8.1

I deleted all cache from browser then login to wp-admin, created a new user from admin dashboard, logout and clean all cache.

Tried to login with new test user with auth0 login by username and password. It doesnt work. Gets in a infinite redirect loop in the end in chrome createds 502 Bad Gateway nginx error. In IE stays in turning circle continue to login process but nothing happens. Checked Auth0 dashboard. New user also created in Auth0 dashboard with Success Exchange log.
Old user accounts are working and no problem to login.
Plugin Error Log:
11/15/2018 04:00:30
WP_Auth0_Api_Change_Password::call
400
Error returned – PasswordStrengthError: Password is too weak
1
Changed password from wp-admin dashboard again for to fit what it needs.
User still can’t enter to site.
Then,

Created a new user with auth0 signup form. user created and added to Auth0 dashboard user list. But user cant login to wordpress.
Closed browser cleared cached login by admin and checked user list. The user which created by auth0 signup form is already created in wordpress too.
But that user couldnt enter the site. Cuase sign up form stucked.

1)In the end. New users who are created from admin panel and also auth0 signup forms unable to login to site. So I even could not try to change their password from woocommerce acount page.

2)Old users can login to site, they can change password from front-end but they get old password is not correct error notification even if password changed succesfuly.

3) I need to downgrade back to 3.8.0 asap for users to create at least account.How to do that ? where can i get it?

Okay last thing i found that new user only can create account and login right now by creating their account on woocommerce checkout page.

Only in this case user can login with Auth0 and wordpress login forms. Others above cant login and create account with Auth0 and also cant login by ?wle it always give wrong passowrd or username error notification on auth0.

Kind Regards.

@medyapin – This is a lot to get through all at once so let’s keep this thread focused on the password changing.

I just re-tested the password change on the front-end of the site in the WooCommerce My Account section and everything works as expected. Steps were:

1. Created an admin account during the setup wizard
2. Logged out and back in after setup to make sure everything was setup correctly
3. Went to the My Account in WooCommerce (/my-account/edit-account/)
4. Entered the current password and a new one; succeeded:

https://www.dropbox.com/s/duzi03fu450pppt/Screenshot%202018-11-15%2008.29.20.png?dl=0

5. Logged out, then back in with Auth0 and new password; succeeded
6. Logged out, then back in with WP and new password; succeeded
7. Tried changing the password in the profile and repeated #5 and 6; succeeded

This is the same test I did before releasing but just wanted to double-check and everything worked as expected.

The “old password is not correct” error comes from WooCommerce, not Auth0, so if you’re getting that then it’s likely that your old password is, in fact, incorrect. The password change process is stopped by Auth0 if it cannot change the password on our end so you should not have mis-matched data.

I’ll respond to the rest but if it remains a problem, I ask that you open a new thread so we can keep things focused. Thank you!

I deleted all cache from browser then login to wp-admin, created a new user from admin dashboard, logout and clean all cache. Tried to login with new test user with auth0 login by username and password. It doesnt work.

As long as you’ve got user migration on then that process should work. I just tested that out (create WP user, login with Auth0) with a public-facing site and it all worked as expected. You can try doing the user creation the other way, creating in Auth0 and then logging in to create the WP one.

Gets in a infinite redirect loop in the end in chrome createds 502 Bad Gateway nginx error. In IE stays in turning circle continue to login process but nothing happens.

I’m confused here … you’re saying that when you log in with a user that is not in Auth0 that it goes into a redirect loop? You should be stopped at the login form if it cannot find a user. The error log you pasted is for a password change so I might not be totally clear what you’re asking.

Created a new user with auth0 signup form. user created and added to Auth0 dashboard user list. But user cant login to wordpress.

But that user couldnt enter the site. Cuase sign up form stucked.

I’ll need an error message or something more to go on here.

New users who are created from admin panel and also auth0 signup forms unable to login to site.

That’s definitely a problem but I’m not able to replicate it using the process you’re explaining. If you can open a new support thread for that, that would be helpful. Make sure to include for each process that’s going wrong:

1. Step-by-step what you did to reproduce
2. The error message you see
3. The URL you ended up on
4. Any relevant entries in the error log

Thanks!

Okay all issues mixed i am creating new threads.

Deleted everything re installed plugin app and database connections. Now password change from front-end Works.
With new changed password i can login with auth0 too. Thx