mirror of
https://github.com/discourse/discourse.git
synced 2024-11-25 10:20:58 -06:00
e97ef7e9af
This commit adds the ability for site administrators to mark users' passwords as expired. Note that this commit does not add any client side interface to mark a user's password as expired. The following changes are introduced in this commit: 1. Adds a `user_passwords` table and `UserPassword` model. While the `user_passwords` table is currently used to only store expired passwords, it will be used in the future to store a user's current password as well. 2. Adds a `UserPasswordExpirer.expire_user_password` method which can be used from the Rails console to mark a user's password as expired. 3. Updates `SessionsController#create` to check that the user's current password has not been marked as expired after confirming the password. If the password is determined to be expired based on the existence of a `UserPassword` record with the `password_expired_at` column set, we will not log the user in and will display a password expired notice. A forgot password email is automatically send out to the user as well. |
||
|---|---|---|
| .. | ||
| fabricators | ||
| fixtures | ||
| generator | ||
| helpers | ||
| import_export | ||
| initializers | ||
| integration | ||
| integrity | ||
| jobs | ||
| lib | ||
| mailers | ||
| migrations | ||
| models | ||
| multisite | ||
| requests | ||
| script/import_scripts | ||
| serializers | ||
| services | ||
| support | ||
| system | ||
| tasks | ||
| views | ||
| rails_helper.rb | ||
| regenerate_swagger_docs | ||
| swagger_helper.rb | ||