Possibly I don’t understand the FSM for deactivation.
We recently deactivated a user twice, because, for some reason, they seemed to have a problem with forget pwd, and we sent two reactivation emails.
The second time, the account disappeared altogether – it appears to have been somehow auto-deleted. We are able to create a new account with the same account name and the same email address as the previous one.
What am I misunderstanding about deactivation?
There is a setting
purge unactivated users grace period days, if an account is still deactivated, has zero posts, and that grace period is met, it deletes the account.
Hmm. Set at 14 days for us, but we saw the deletion within 24 hours. This may be a bug.
When was the user account created? As it is based on the user’s creation date. Not when they were deactivated
Do you mean that, if you deactivate an old user account to send a re-activation email, it will be deleted right away? This would seem counter-intuitive.
I suppose I do (sort of). Granted, I think it only deletes them if they have zero posts too. I’d have to find the actual logic in the code, but I think there are some fail safes for users that have “activity” when they are deactivated. It is only for users who have no activity.
Edited: Code block
This would explain the delete we saw. Old user, but no posts.
Deactivating a user because they report troubles logging in isn’t the right action. They should figure out if they entered the wrong email, forgot their password, or some other issue and fix that instead.
Multiple users have not been able to get “Forget password” working for them, which was the right tool but failed to work for them. For those for whom it failed, we tried to resolve their login problem by sending them a re-activation email.
None of what you describe requires deactivating the account.
What should be the next step when a user is not able to reset his/her pwd with forget password?
They should check their spam/junk folders, filters, and other reasons they may not be receiving emails. Also, make sure they typed their email addresses correctly when they signed up.
Just to amplify on this, Discourse offers an opportunity to correct email after signup as of version 1.8.
Also @InspektorCluzo users can initiate “forgot password, please send me an email to reset” on their own, as much as they like.
We also added an “oh no I can’t get an email” help page in 1.9, triggerable via the help button above.
well, there are rate limits on password reset requests, but you know what I mean
Thanks, @neil, @codinghorror.
When we were invite-only, we had significant problems with login, with about 1/3 of the users unable to login the second time. I think it must have been users unable to login when they registered on one device but tried to login from another. At the time, forget password did not appear to work for any of them. We ended up systematically entering temp pwds in users accounts, emailing them the pwds and asking them to change them - very insecure MO.
We have hardly had any login trouble since moving to regular registration, but as a carry-over from the past we just assumed that forget-pwd was broken enough that it was not worth investing time into trying to get it to work. We will be more thorough from here on.
Is there a simple, Discourse-based way to give users who can’t login a way to contact the forum, that would land into a Discourse admin or mod thread? This would be really helpful to us, since our community is Discourse-only at this time.
Make sure you have contact info specified in your site settings, as you can see above the help page for login directs people to the
/about page – your contact email / web info should be on that page if it is entered in site settings. Like so:
On our Discourse, an email to
firstname.lastname@example.org automatically creates a PM to the team group.