From ad0c6c86ba52f297723e6012d66357eb1881fe72 Mon Sep 17 00:00:00 2001
From: Lorenzo Milesi <maxxer@yetopen.it>
Date: Tue, 23 Jan 2018 06:01:39 +0100
Subject: [PATCH] Password age check filter #102

---
 src/User/Filter/PasswordAgeEnforceFilter.php | 39 ++++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100644 src/User/Filter/PasswordAgeEnforceFilter.php

diff --git a/src/User/Filter/PasswordAgeEnforceFilter.php b/src/User/Filter/PasswordAgeEnforceFilter.php
new file mode 100644
index 0000000..2da75dc
--- /dev/null
+++ b/src/User/Filter/PasswordAgeEnforceFilter.php
@@ -0,0 +1,39 @@
+<?php
+
+/*
+ * This file is part of the 2amigos/yii2-usuario project.
+ *
+ * (c) 2amigOS! <http://2amigos.us/>
+ * @author Lorenzo Milesi <maxxer@yetopen.it>
+ *
+ * For the full copyright and license information, please view
+ * the LICENSE file that was distributed with this source code.
+ */
+
+namespace Da\User\Filter;
+
+use Yii;
+use yii\base\ActionFilter;
+
+class PasswordAgeEnforceFilter extends ActionFilter
+{
+    public function beforeAction($action)
+    {
+        $maxPasswordAge = Yii::$app->getModule('user')->maxPasswordAge;
+        // If feature is not set do nothing (or raise a configuration error?)
+        if (is_null($maxPasswordAge)) {
+            return parent::beforeAction($action);
+        }
+        if (Yii::$app->user->isGuest) {
+            // Not our business
+            return parent::beforeAction($action);
+        }
+        if (Yii::$app->user->identity->password_age >= $maxPasswordAge) {
+            // Force password change
+            Yii::$app->getSession()->setFlash('warning', Yii::t('usuario', 'Your password has expired, you must change it now'));
+            return Yii::$app->response->redirect(['/user/settings/account'])->send();
+        }
+
+        return parent::beforeAction($action);
+    }
+}