• Do not register here on develop.twiki.org, login with your twiki.org account.
• Use View topic Item7848 for generic doc work for TWiki-6.1.1. Use View topic Item7851 for doc work on extensions that are not part of a release. More... Close
• Anything you create or change in standard webs (Main, TWiki, Sandbox etc) will be automatically reverted on every SVN update.
Does this site look broken?. Use the LitterTray web for test cases.

Item6528: Set the Flag to Change Password in next Login

Item Form Data

AppliesTo: Component: Priority: CurrentState: WaitingFor: TargetRelease ReleasedIn
Engine   Enhancement Closed   minor  

Edit Form Data

Summary:
Reported By:
Codebase:
Applies To:
Component:
Priority:
Current State:
Waiting For:
Target Release:
Released In:
 

Detail

To develop the proposal - Set the Flag to Change Password in next Login

-- TWiki:Main/SopanShewale - 2010-07-20

Following can be sample change in TWiki::Users::HtpasswdUser module if we included extra fields discussed in proposal. Please note - this also makes .htpasswd file backword compatible. One do not need to existing .htpasswd file to use new code.


--- HtPasswdUser.pm.orig   2010-07-20 21:36:56.968482632 +0530
+++ HtPasswdUser.pm   2010-07-20 21:39:04.209473745 +0530
@@ -126,15 +126,38 @@
     my $line = '';
     while ( defined( $line = <IN_FILE> ) ) {
         if ( $TWiki::cfg{Htpasswd}{Encoding} eq 'md5' ) {    # htdigest format
-            if ( $line =~ /^(.*?):(.*?):(.*?)(?::(.*))?$/ ) {
+            if (
+                   $line =~ /^(.*?):(.*?):(.*?):(.*?):(.*?):(.*?)(?::(.*))?$/
+                || $line =~ /^(.*?):(.*?):(.*?):(.*?):(.*?)(?::(.*))?$/
+                || $line =~ /^(.*?):(.*?):(.*?):(.*?)(?::(.*))?$/
+                || $line =~ /^(.*?):(.*?):(.*?)(?::(.*))?$/
+
+              )
+            {
                 $data->{$1}->{pass} = $3;
                 $data->{$1}->{emails} = $4 || '';
+                $data->{$1}->{flag} =
+                  ( ( defined $5 ) && ( $5 == 0 ) ) ? 0 : ( $5 || '' );
+                $data->{$1}->{pass_change} = $6 || '';
+                $data->{$1}->{flag_change} = $7 || '';
             }
         }
-        else {                                               # htpasswd format
-            if ( $line =~ /^(.*?):(.*?)(?::(.*))?$/ ) {
+        else {    # htpasswd format
+            if (
+                   $line =~ /^(.*?):(.*?):(.*?):(.*?):(.*?)(?::(.*))?$/
+                || $line =~ /^(.*?):(.*?):(.*?):(.*?)(?::(.*))?$/
+                || $line =~ /^(.*?):(.*?):(.*?)(?::(.*))?$/
+                || $line =~ /^(.*?):(.*?)(?::(.*))?$/
+
+              )
+            {
                 $data->{$1}->{pass} = $2;
                 $data->{$1}->{emails} = $3 || '';
+                $data->{$1}->{flag} =
+                  ( ( defined $4 ) && ( $4 == 0 ) ) ? 0 : ( $4 || '' );
+                $data->{$1}->{pass_change} = $5 || '';
+                $data->{$1}->{flag_change} = $6 || '';
+
             }
         }
     }

-- TWiki:Main/SopanShewale - 2010-07-20

70 commits later: I enhanced the underlying API and redesigned the design based on the spec of this SetFlagtoChangePassword proposal. We have now:

  1. New TWiki:Codev.UserDataManagementApiAndGUI feature:
    • An API for password managers to declare user data to display and modify (data driven approach)
    • A TWiki.QueryUsers form that lists users, regardless of password manager used
    • A TWiki.EditUserAccount form to display or modify a user data record (data driven)
    • The TWiki.EditUserAccount form shows the user account save action result below the submit button - with red or green LED based on error condition.
  2. New TWiki:Codev.SupportDisabledUsersInPasswordManager feature:
    • A "disabled" flag that can be set per user in the HtPasswdUser manager - if set, user can no longer login (works with template login as well as apache login)
  3. This TWiki:Codev.SetFlagtoChangePassword feature:
    • A "must change password" flag that can be set per user in the HtPasswdUser manager - if set, user is forced to change password after successful authentication
    • Conditionally show a new "must change password" checkbox in user registration if logged-in user is an admin
    • Conditionally show a new "system generated password" checkbox in user registration if logged-in user is an admin and if {Register}{AllowSystemGeneratedPassword} setting is set
  4. Miscellaneous features:
    • Don't use '.' in random password, which can be confused with line end punctuation in password reset e-mail
    • More robust error handling in HtPasswdUser password manager
-- TWiki:Main.PeterThoeny - 2010-10-02

This has been implemented a while ago. Changing status to waiting for release.

-- TWiki:Main.PeterThoeny - 2010-11-22

ItemTemplate
Summary Set the Flag to Change Password in next Login
ReportedBy TWiki:Main.SopanShewale
Codebase ~twiki4
SVN Range TWiki-5.0.0, Tue, 06 Jul 2010, build 19208
AppliesTo Engine
Component

Priority Enhancement
CurrentState Closed
WaitingFor

Checkins TWikirev:19222 TWikirev:19223 TWikirev:19224 TWikirev:19225 TWikirev:19226 TWikirev:19227 TWikirev:19228 TWikirev:19229 TWikirev:19230 TWikirev:19231 TWikirev:19232 TWikirev:19233 TWikirev:19282 TWikirev:19312 TWikirev:19471 TWikirev:19472 TWikirev:19473 TWikirev:19474 TWikirev:19475 TWikirev:19476 TWikirev:19477 TWikirev:19478 TWikirev:19479 TWikirev:19480 TWikirev:19481 TWikirev:19482 TWikirev:19483 TWikirev:19484 TWikirev:19485 TWikirev:19486 TWikirev:19487 TWikirev:19488 TWikirev:19489 TWikirev:19490 TWikirev:19493 TWikirev:19494 TWikirev:19497 TWikirev:19500 TWikirev:19509 TWikirev:19510 TWikirev:19511 TWikirev:19512 TWikirev:19513 TWikirev:19514 TWikirev:19515 TWikirev:19516 TWikirev:19517 TWikirev:19518 TWikirev:19519 TWikirev:19520 TWikirev:19521 TWikirev:19522 TWikirev:19523 TWikirev:19524 TWikirev:19525 TWikirev:19526 TWikirev:19527 TWikirev:19528 TWikirev:19529 TWikirev:19530 TWikirev:19532 TWikirev:19533 TWikirev:19534 TWikirev:19535 TWikirev:19536 TWikirev:19537 TWikirev:19538 TWikirev:19540 TWikirev:19541 TWikirev:19542 TWikirev:19543 TWikirev:19544 TWikirev:19545 TWikirev:19546 TWikirev:19560 TWikirev:19584 TWikirev:19585 TWikirev:19586 TWikirev:19587 TWikirev:19588 TWikirev:19599 TWikirev:19704 TWikirev:19705 TWikirev:19708
TargetRelease minor
ReleasedIn

Edit | Attach | Watch | Print version | History: r89 < r88 < r87 < r86 < r85 | Backlinks | Raw View |  Raw edit | More topic actions
Topic revision: r89 - 2011-08-22 - PeterThoeny
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback