Commit 89b205d8 authored by Ivan Tyagov's avatar Ivan Tyagov

Implementation of an early password expiration warning after successful

login.
parent 2c557347
......@@ -34,7 +34,7 @@
</item>
<item>
<key> <string>last_id</string> </key>
<value> <string>10</string> </value>
<value> <string>11</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
......
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Standard Property" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>categories</string> </key>
<value>
<tuple>
<string>elementary_type/int</string>
</tuple>
</value>
</item>
<item>
<key> <string>description</string> </key>
<value> <string>The time interval ( (in hours) before real password expire happens. During it interval an warning will be shown to user after every successful login.</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>preferred_password_lifetime_expire_warning_duration_property</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Standard Property</string> </value>
</item>
<item>
<key> <string>preference</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>property_default</string> </key>
<value> <string>python: 0</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
......@@ -65,20 +65,32 @@ def _isPasswordExpired():\n
one_hour = 1/24.0\n
now = DateTime()\n
max_password_lifetime_duration = portal.portal_preferences.getPreferredMaxPasswordLifetimeDuration()\n
password_lifetime_expire_warning_duration = portal.portal_preferences.getPreferredPasswordLifetimeExpireWarningDuration()\n
last_password_modification_date = context.getLastPasswordModificationDate()\n
if last_password_modification_date is not None and \\\n
(last_password_modification_date + max_password_lifetime_duration*one_hour) < now:\n
\n
early_warning = False\n
if last_password_modification_date is not None:\n
expire_date = last_password_modification_date + max_password_lifetime_duration*one_hour \n
if password_lifetime_expire_warning_duration not in (0, None,):\n
# calculate early warning period\n
if now > expire_date - password_lifetime_expire_warning_duration*one_hour:\n
early_warning = True\n
if expire_date < now:\n
# password is expired\n
context.log(\'expired %s\' %context.getReference())\n
return 1\n
return 0\n
return True, early_warning\n
return False, early_warning\n
\n
_isPasswordExpired = CachingMethod(_isPasswordExpired,\n
_isPasswordExpired1 = CachingMethod(_isPasswordExpired,\n
id=\'Person_isPasswordExpired\',\n
cache_factory=\'erp5_content_short\')\n
is_password_expired = _isPasswordExpired()\n
is_password_expired, is_user_account_password_expired_warning_on = _isPasswordExpired()\n
\n
request.set(\'is_user_account_password_expired\', is_password_expired)\n
return _isPasswordExpired()\n
request.set(\'is_user_account_password_expired_warning_on\', is_user_account_password_expired_warning_on)\n
\n
context.log(\'in --> %s %s\' %(is_password_expired, is_user_account_password_expired_warning_on))\n
return is_password_expired\n
]]></string> </value>
......
......@@ -92,6 +92,7 @@
<string>my_preferred_min_password_length</string>
<string>my_preferred_min_password_lifetime_duration</string>
<string>my_preferred_max_password_lifetime_duration</string>
<string>my_preferred_password_lifetime_expire_warning_duration</string>
<string>my_preferred_number_of_last_password_to_check</string>
<string>my_preffered_force_username_check_in_password</string>
<string>my_preferred_min_regular_expression_group_number</string>
......
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>delegated_list</string> </key>
<value>
<list>
<string>title</string>
</list>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>my_preferred_password_lifetime_expire_warning_duration</string> </value>
</item>
<item>
<key> <string>message_values</string> </key>
<value>
<dictionary>
<item>
<key> <string>external_validator_failed</string> </key>
<value> <string>The input failed the external validator.</string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>overrides</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>tales</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>values</string> </key>
<value>
<dictionary>
<item>
<key> <string>field_id</string> </key>
<value> <string>my_integer_value</string> </value>
</item>
<item>
<key> <string>form_id</string> </key>
<value> <string>Base_viewFieldLibrary</string> </value>
</item>
<item>
<key> <string>target</string> </key>
<value> <string>Click to edit the target</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string>Password Expire Warning Duration</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
......@@ -47,14 +47,13 @@
<tal:block tal:condition="isAnon">\n
<tal:block tal:define="dummy python: response.expireCookie(\'__ac\', path=\'/\');\n
is_user_account_blocked python: request.get(\'is_user_account_blocked\', False);\n
is_user_account_password_expired python: request.get(\'is_user_account_password_expired\', False);\n
d python: context.log(\'? --%s %s\' %(is_user_account_blocked, is_user_account_password_expired));">\n
is_user_account_password_expired python: request.get(\'is_user_account_password_expired\', False);">\n
\n
<!-- Login and/or password is incorrect. -->\n
<tal:block tal:omit-tag="python: not is_user_account_blocked and not is_user_account_password_expired"\n
tal:define="url python: \'%s/login_form?portal_status_message=%s\' % (here.absolute_url(), here.Base_translateString(\'Login and/or password is incorrect.\'));\n
<tal:block tal:condition="python: not is_user_account_blocked and not is_user_account_password_expired">\n
<tal:block tal:define="url python: \'%s/login_form?portal_status_message=%s\' % (here.absolute_url(), here.Base_translateString(\'Login and/or password is incorrect.\'));\n
url python: request.get(\'came_from\') and \'%s&amp;came_from=%s\' % (url, request[\'came_from\']) or url;\n
dummy python: response.redirect(url);">\n
dummy python: response.redirect(url);"/>\n
</tal:block>\n
\n
<!-- Login is blocked. -->\n
......@@ -64,7 +63,7 @@
dummy python: response.redirect(url);"/>\n
</tal:block>\n
\n
<!-- Password is expired. -->\n
<!-- Password is expired permanently. -->\n
<tal:block tal:condition="is_user_account_password_expired">\n
<tal:block tal:define="url python: \'%s/login_form?portal_status_message=%s\' % (here.absolute_url(), here.Base_translateString(\'Password is expired.\'));\n
url python: request.get(\'came_from\') and \'%s&amp;came_from=%s\' % (url, request[\'came_from\']) or url;\n
......@@ -73,10 +72,21 @@
\n
</tal:block>\n
</tal:block>\n
<tal:block tal:condition="not: isAnon">\n
<tal:block tal:condition="not: isAnon"\n
tal:define="is_user_account_password_expired_warning_on python:request.get(\'is_user_account_password_expired_warning_on\', False);">\n
\n
<!-- XXX: Password will expire soon just war user ? -->\n
<tal:block tal:condition="is_user_account_password_expired_warning_on">\n
<tal:block tal:define="came_from python: request.get(\'came_from\') or here.absolute_url();\n
dummy python: response.redirect(\'%s?portal_status_message=%s\' %(came_from, here.Base_translateString(\'Your password will expire soon.\')));" />\n
</tal:block>\n
\n
<tal:block tal:condition="not: is_user_account_password_expired_warning_on">\n
<tal:block tal:define="came_from python: request.get(\'came_from\') or here.absolute_url();\n
dummy python: response.redirect(came_from);" />\n
</tal:block>\n
\n
</tal:block>\n
</tal:block>\n
</tal:block>
......
2
\ No newline at end of file
3
\ No newline at end of file
0.2
\ No newline at end of file
0.3
\ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment