From 042caef525f34aa22ec738304e25637bee121a2f Mon Sep 17 00:00:00 2001
From: Jared Hancock <jared@osticket.com>
Date: Thu, 27 Mar 2014 16:33:25 -0500
Subject: [PATCH] Force create passwd for staff-initiated activation mails

---
 pwreset.php | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/pwreset.php b/pwreset.php
index 429b43f59..6fb51b487 100644
--- a/pwreset.php
+++ b/pwreset.php
@@ -49,7 +49,14 @@ elseif ($_GET['token']) {
             $acct->confirm();
             // TODO: Log the user in
             if ($client = UserAuthenticationBackend::processSignOn($errors)) {
-                $acct->cancelResetTokens();
+                if ($acct->hasPassword() && !$acct->get('backend')) {
+                    $acct->cancelResetTokens();
+                }
+                // No password setup yet -- force one to be created
+                else {
+                    $_SESSION['_client']['reset-token'] = $_GET['token'];
+                    $acct->forcePasswdReset();
+                }
                 Http::redirect('account.php?confirmed');
             }
         }
-- 
GitLab