leonardo/yii2-usuario
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Document the maxPasswordAge config parameter #102

Browse Source
This commit is contained in:
Lorenzo Milesi
2018-01-23 06:01:43 +01:00
parent ad0c6c86ba
commit 0362c9bc04
1 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
docs/installation/configuration-options.md
View File

@ -48,6 +48,25 @@ If `true` it will enable password recovery process.
If `true` and `allowPasswordRecovery` is false, it will enable administrator to send a password recovery email to a If `true` and `allowPasswordRecovery` is false, it will enable administrator to send a password recovery email to a
user. user.
#### maxPasswordAge (type: `integer`, default: `null`)
If set to an integer value it will check user password age. If the days since last password change are greater than this configuration value
user will be forced to change it. This enforcement is done only at login stage. In order to perform the check in every action you must configure
a filter into your controller like this:
```
use Da\User\Filter\PasswordAgeEnforceFilter;
class SiteController extends Controller
{
public function behaviors()
{
return [
[...]
'enforcePasswordAge' => [
'class' => PasswordAgeEnforceFilter::className(),
],
```
This will redirect the user to their account page until the password has been updated.
#### allowAccountDelete (type: `boolean`, default: `true`) #### allowAccountDelete (type: `boolean`, default: `true`)
If `true` users will be able to remove their own accounts. If `true` users will be able to remove their own accounts.