it happened again. I got the solution less than 1 hour after posting the question.
But before posting it I want to say that this looks like a Magento bug to me.
Customers should be able to change their password even if the customer settings have been changed.
The obvious thing to do is to remove the line (and other ones related to it)
$validationErrorMessages = $customer->validate();
from the Mage_Customer_AccountController::resetPasswordPostAction
.
I don't think a full validation is required here since we are changing only the password.
All the other fields can be changed once the customer gets access to his account. (FOR WHICH HE NEEDS A PASSWORD)
But I didn't remove that, in case there is an other reason that I'm missing.
Here is what I did just for this particular case.
Since I only need to skip this validation on the recover password page, I observed the event controller_action_predispatch_customer_account_resetpasswordpost
and just registered a value.
<events>
<controller_action_predispatch_customer_account_resetpasswordpost>
<observers>
<[namespace]_[module]>
<class>[namespace]_[module]/observer</class>
<method>skipDobValidation</method>
</[namespace]_[module]>
</observers>
</controller_action_predispatch_customer_account_resetpasswordpost>
</events>
and the observer method looks like this:
public function skipDobValidation($observer) {
Mage::register('skip_dob_validation', true);
return $this;
}
And I've overwritten the validate
method in the customer model. I didn't find an event for it.
Basically it looks the same as in Mage_Customer_Model_Customer
except for this part.
if ($attribute->getIsRequired() && '' == trim($this->getDob())) {
$errors[] = Mage::helper('customer')->__('The Date of Birth is required.');
}
In my class it looks like this:
$skipDobValidation = Mage::registry('skip_dob_validation');
if (!$skipDobValidation) {
if ($attribute->getIsRequired() && '' == trim($this->getDob())) {
$errors[] = Mage::helper('customer')->__('The Date of Birth is required.');
}
}
I found the solution on another question and noticed that customers were also not able to login without doing a password reset. So I did research and came across this post - Customer Login Doesn't Work in 1.9.
I added this line to the login.phtml
file:
/app/design/frontend/default/template-name/template/persistent/customer/form/
and then pasted
<input type="hidden" name="form_key" value="<?php echo Mage::getSingleton('core/session')->getFormKey(); ?>" />
after
<ul class="form-list">
Now Customers can login after being logged out and customers can also reset their password as well!
Best Answer
This is a bug in Magento 2.2.6 and Magento 2.2.7. Go to the file vendor/magento/module-customer/Model/AccountManagement.php and patch it like this:
More info:
https://github.com/magento/magento2/commit/7443dc3194040e9ce2f7baf902470deb975b97c6 https://github.com/magento/magento2/issues/18256