leonardo/yii2-usuario
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #136 from maxxer/password_expiration

Browse Source 
Password expiration
This commit is contained in:
Antonio Ramirez
2018-02-07 22:51:39 +01:00
committed by GitHub
parent d35501618e de543058a3
commit 2ec05cc75e
11 changed files with 194 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
docs/installation/configuration-options.md
View File

@ -48,6 +48,25 @@ If `true` it will enable password recovery process.
If `true` and `allowPasswordRecovery` is false, it will enable administrator to send a password recovery email to a
user.
#### maxPasswordAge (type: `integer`, default: `null`)
If set to an integer value it will check user password age. If the days since last password change are greater than this configuration value
user will be forced to change it. This enforcement is done only at login stage. In order to perform the check in every action you must configure
a filter into your controller like this:
```
use Da\User\Filter\PasswordAgeEnforceFilter;
class SiteController extends Controller
{
public function behaviors()
{
return [
[...]
'enforcePasswordAge' => [
'class' => PasswordAgeEnforceFilter::className(),
],
```
This will redirect the user to their account page until the password has been updated.
#### allowAccountDelete (type: `boolean`, default: `true`)
If `true` users will be able to remove their own accounts.