Enforce password change event only if set #102

This commit is contained in:
Lorenzo Milesi
2018-01-23 05:15:01 +01:00
parent 3281169b86
commit 5484074d8e

View File

@ -147,10 +147,8 @@ class Bootstrap implements BootstrapInterface
} }
// Attach an event to check if the password has expired // Attach an event to check if the password has expired
if (!is_null(Yii::$app->getModule('user')->maxPasswordAge)) {
Event::on(SecurityController::class, FormEvent::EVENT_AFTER_LOGIN, function (FormEvent $event) { Event::on(SecurityController::class, FormEvent::EVENT_AFTER_LOGIN, function (FormEvent $event) {
if (is_null(Yii::$app->getModule('user')->maxPasswordAge)) {
return;
}
$user = $event->form->user; $user = $event->form->user;
if ($user->password_age >= Yii::$app->getModule('user')->maxPasswordAge) { if ($user->password_age >= Yii::$app->getModule('user')->maxPasswordAge) {
// Force password change // Force password change
@ -158,6 +156,7 @@ class Bootstrap implements BootstrapInterface
Yii::$app->response->redirect(['/user/settings/account'])->send(); Yii::$app->response->redirect(['/user/settings/account'])->send();
} }
}); });
}
if ($app instanceof WebApplication) { if ($app instanceof WebApplication) {
// override Yii // override Yii