zydronium/getnamingo-registry
1
0
Fork 0
mirror of https://github.com/getnamingo/registry.git synced 2025-05-13 16:16:59 +02:00
Code Issues Projects Releases Packages Wiki Activity

Added ability to have password policy and password expiration

Browse source
This commit is contained in:
Pinga 2025-02-11 15:50:29 +02:00
parent e0eeaed83c
commit 2620dfd7f3
5 changed files with 51 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

7
cp/app/Controllers/Auth/AuthController.php
View file

@ -93,6 +93,13 @@ class AuthController extends Controller
unset($_SESSION['2fa_email'], $_SESSION['2fa_password'], $_SESSION['is2FAEnabled']);
if ($login===true) {
// Check if password renewal is needed
$passwordLastChanged = $_SESSION['password_last_changed'][$_SESSION['auth_user_id']] ?? 0;
if (checkPasswordRenewal($passwordLastChanged)) {
Auth::logout();
redirect()->route('forgot.password')->with('error','Your password is expired. Please change it');
}
$db = $container->get('db');
$currentDateTime = new \DateTime();
$currentDate = $currentDateTime->format('Y-m-d H:i:s.v'); // Current timestamp