Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Cédric Le Ninivin
erp5
Commits
89b205d8
Commit
89b205d8
authored
Jul 18, 2011
by
Ivan Tyagov
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Implementation of an early password expiration warning after successful
login.
parent
2c557347
Changes
8
Hide whitespace changes
Inline
Side-by-side
Showing
8 changed files
with
183 additions
and
24 deletions
+183
-24
bt5/erp5_authentication_policy/PropertySheetTemplateItem/portal_property_sheets/AuthenticationPolicyPreference.xml
...portal_property_sheets/AuthenticationPolicyPreference.xml
+1
-1
bt5/erp5_authentication_policy/PropertySheetTemplateItem/portal_property_sheets/AuthenticationPolicyPreference/preferred_password_lifetime_expire_warning_duration_property.xml
...ed_password_lifetime_expire_warning_duration_property.xml
+40
-0
bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_isPasswordExpired.xml
...s/erp5_authentication_policy/Person_isPasswordExpired.xml
+21
-9
bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/SystemPreference_viewAuthenticationPolicy.xml
...tion_policy/SystemPreference_viewAuthenticationPolicy.xml
+1
-0
bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/SystemPreference_viewAuthenticationPolicy/my_preferred_password_lifetime_expire_warning_duration.xml
...y_preferred_password_lifetime_expire_warning_duration.xml
+96
-0
bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/logged_in.xml
...tem/portal_skins/erp5_authentication_policy/logged_in.xml
+22
-12
bt5/erp5_authentication_policy/bt/revision
bt5/erp5_authentication_policy/bt/revision
+1
-1
bt5/erp5_authentication_policy/bt/version
bt5/erp5_authentication_policy/bt/version
+1
-1
No files found.
bt5/erp5_authentication_policy/PropertySheetTemplateItem/portal_property_sheets/AuthenticationPolicyPreference.xml
View file @
89b205d8
...
@@ -34,7 +34,7 @@
...
@@ -34,7 +34,7 @@
</item>
</item>
<item>
<item>
<key>
<string>
last_id
</string>
</key>
<key>
<string>
last_id
</string>
</key>
<value>
<string>
1
0
</string>
</value>
<value>
<string>
1
1
</string>
</value>
</item>
</item>
<item>
<item>
<key>
<string>
portal_type
</string>
</key>
<key>
<string>
portal_type
</string>
</key>
...
...
bt5/erp5_authentication_policy/PropertySheetTemplateItem/portal_property_sheets/AuthenticationPolicyPreference/preferred_password_lifetime_expire_warning_duration_property.xml
0 → 100644
View file @
89b205d8
<?xml version="1.0"?>
<ZopeData>
<record
id=
"1"
aka=
"AAAAAAAAAAE="
>
<pickle>
<global
name=
"Standard Property"
module=
"erp5.portal_type"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
categories
</string>
</key>
<value>
<tuple>
<string>
elementary_type/int
</string>
</tuple>
</value>
</item>
<item>
<key>
<string>
description
</string>
</key>
<value>
<string>
The time interval ( (in hours) before real password expire happens. During it interval an warning will be shown to user after every successful login.
</string>
</value>
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
preferred_password_lifetime_expire_warning_duration_property
</string>
</value>
</item>
<item>
<key>
<string>
portal_type
</string>
</key>
<value>
<string>
Standard Property
</string>
</value>
</item>
<item>
<key>
<string>
preference
</string>
</key>
<value>
<int>
1
</int>
</value>
</item>
<item>
<key>
<string>
property_default
</string>
</key>
<value>
<string>
python: 0
</string>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/Person_isPasswordExpired.xml
View file @
89b205d8
...
@@ -65,20 +65,32 @@ def _isPasswordExpired():\n
...
@@ -65,20 +65,32 @@ def _isPasswordExpired():\n
one_hour = 1/24.0\n
one_hour = 1/24.0\n
now = DateTime()\n
now = DateTime()\n
max_password_lifetime_duration = portal.portal_preferences.getPreferredMaxPasswordLifetimeDuration()\n
max_password_lifetime_duration = portal.portal_preferences.getPreferredMaxPasswordLifetimeDuration()\n
password_lifetime_expire_warning_duration = portal.portal_preferences.getPreferredPasswordLifetimeExpireWarningDuration()\n
last_password_modification_date = context.getLastPasswordModificationDate()\n
last_password_modification_date = context.getLastPasswordModificationDate()\n
if last_password_modification_date is not None and \\\n
(last_password_modification_date + max_password_lifetime_duration*one_hour) < now:\n
# password is expired\n
context.log(\'expired %s\' %context.getReference())\n
return 1\n
return 0\n
\n
\n
_isPasswordExpired = CachingMethod(_isPasswordExpired,\n
early_warning = False\n
if last_password_modification_date is not None:\n
expire_date = last_password_modification_date + max_password_lifetime_duration*one_hour \n
if password_lifetime_expire_warning_duration not in (0, None,):\n
# calculate early warning period\n
if now >
expire_date - password_lifetime_expire_warning_duration*one_hour:\n
early_warning = True\n
if expire_date
< now:
\n
#
password
is
expired\n
context.log(\'expired
%s\'
%context.getReference())\n
return
True,
early_warning\n
return
False,
early_warning\n
\n
_isPasswordExpired1 =
CachingMethod(_isPasswordExpired,\n
id=
\'Person_isPasswordExpired\',\n
id=
\'Person_isPasswordExpired\',\n
cache_factory=
\'erp5_content_short\')\n
cache_factory=
\'erp5_content_short\')\n
is_password_expired = _isPasswordExpired()\n
is_password_expired,
is_user_account_password_expired_warning_on =
_isPasswordExpired()\n
\n
request.set(\'is_user_account_password_expired\',
is_password_expired)\n
request.set(\'is_user_account_password_expired\',
is_password_expired)\n
return _isPasswordExpired()\n
request.set(\'is_user_account_password_expired_warning_on\',
is_user_account_password_expired_warning_on)\n
\n
context.log(\'in
--
>
%s %s\' %(is_password_expired, is_user_account_password_expired_warning_on))\n
return is_password_expired\n
]]>
</string>
</value>
]]>
</string>
</value>
...
...
bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/SystemPreference_viewAuthenticationPolicy.xml
View file @
89b205d8
...
@@ -92,6 +92,7 @@
...
@@ -92,6 +92,7 @@
<string>
my_preferred_min_password_length
</string>
<string>
my_preferred_min_password_length
</string>
<string>
my_preferred_min_password_lifetime_duration
</string>
<string>
my_preferred_min_password_lifetime_duration
</string>
<string>
my_preferred_max_password_lifetime_duration
</string>
<string>
my_preferred_max_password_lifetime_duration
</string>
<string>
my_preferred_password_lifetime_expire_warning_duration
</string>
<string>
my_preferred_number_of_last_password_to_check
</string>
<string>
my_preferred_number_of_last_password_to_check
</string>
<string>
my_preffered_force_username_check_in_password
</string>
<string>
my_preffered_force_username_check_in_password
</string>
<string>
my_preferred_min_regular_expression_group_number
</string>
<string>
my_preferred_min_regular_expression_group_number
</string>
...
...
bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/SystemPreference_viewAuthenticationPolicy/my_preferred_password_lifetime_expire_warning_duration.xml
0 → 100644
View file @
89b205d8
<?xml version="1.0"?>
<ZopeData>
<record
id=
"1"
aka=
"AAAAAAAAAAE="
>
<pickle>
<global
name=
"ProxyField"
module=
"Products.ERP5Form.ProxyField"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
delegated_list
</string>
</key>
<value>
<list>
<string>
title
</string>
</list>
</value>
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
my_preferred_password_lifetime_expire_warning_duration
</string>
</value>
</item>
<item>
<key>
<string>
message_values
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
external_validator_failed
</string>
</key>
<value>
<string>
The input failed the external validator.
</string>
</value>
</item>
</dictionary>
</value>
</item>
<item>
<key>
<string>
overrides
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
field_id
</string>
</key>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
form_id
</string>
</key>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
target
</string>
</key>
<value>
<string></string>
</value>
</item>
</dictionary>
</value>
</item>
<item>
<key>
<string>
tales
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
field_id
</string>
</key>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
form_id
</string>
</key>
<value>
<string></string>
</value>
</item>
<item>
<key>
<string>
target
</string>
</key>
<value>
<string></string>
</value>
</item>
</dictionary>
</value>
</item>
<item>
<key>
<string>
values
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
field_id
</string>
</key>
<value>
<string>
my_integer_value
</string>
</value>
</item>
<item>
<key>
<string>
form_id
</string>
</key>
<value>
<string>
Base_viewFieldLibrary
</string>
</value>
</item>
<item>
<key>
<string>
target
</string>
</key>
<value>
<string>
Click to edit the target
</string>
</value>
</item>
<item>
<key>
<string>
title
</string>
</key>
<value>
<string>
Password Expire Warning Duration
</string>
</value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
bt5/erp5_authentication_policy/SkinTemplateItem/portal_skins/erp5_authentication_policy/logged_in.xml
View file @
89b205d8
...
@@ -47,24 +47,23 @@
...
@@ -47,24 +47,23 @@
<tal:block
tal:condition=
"isAnon"
>
\n
<tal:block
tal:condition=
"isAnon"
>
\n
<tal:block
tal:define=
"dummy python: response.expireCookie(\'__ac\', path=\'/\');\n
<tal:block
tal:define=
"dummy python: response.expireCookie(\'__ac\', path=\'/\');\n
is_user_account_blocked python: request.get(\'is_user_account_blocked\', False);\n
is_user_account_blocked python: request.get(\'is_user_account_blocked\', False);\n
is_user_account_password_expired python: request.get(\'is_user_account_password_expired\', False);\n
is_user_account_password_expired python: request.get(\'is_user_account_password_expired\', False);"
>
\n
d python: context.log(\'? --%s %s\' %(is_user_account_blocked, is_user_account_password_expired));"
>
\n
\n
\n
<!-- Login and/or password is incorrect. -->
\n
<!-- Login and/or password is incorrect. -->
\n
<tal:block
tal:omit-tag=
"python: not is_user_account_blocked and not is_user_account_password_expired"
\n
<tal:block
tal:condition=
"python: not is_user_account_blocked and not is_user_account_password_expired"
>
\n
tal:define=
"url python: \'%s/login_form?portal_status_message=%s\' % (here.absolute_url(), here.Base_translateString(\'Login and/or password is incorrect.\'));\n
<tal:block
tal:define=
"url python: \'%s/login_form?portal_status_message=%s\' % (here.absolute_url(), here.Base_translateString(\'Login and/or password is incorrect.\'));\n
url python: request.get(\'came_from\') and \'%s&came_from=%s\' % (url, request[\'came_from\']) or url;\n
url python: request.get(\'came_from\') and \'%s&came_from=%s\' % (url, request[\'came_from\']) or url;\n
dummy python: response.redirect(url);"
>
\n
dummy python: response.redirect(url);"
/
>
\n
</tal:block>
\n
</tal:block>
\n
\n
\n
<!-- Login is blocked. -->
\n
<!-- Login is blocked. -->
\n
<tal:block
tal:condition=
"is_user_account_blocked"
>
\n
<tal:block
tal:condition=
"is_user_account_blocked"
>
\n
<tal:block
tal:define=
"url python: \'%s/login_form?portal_status_message=%s\' % (here.absolute_url(), here.Base_translateString(\'Account is blocked.\'));\n
<tal:block
tal:define=
"url python: \'%s/login_form?portal_status_message=%s\' % (here.absolute_url(), here.Base_translateString(\'Account is blocked.\'));\n
url python: request.get(\'came_from\') and \'%s&came_from=%s\' % (url, request[\'came_from\']) or url;\n
url python: request.get(\'came_from\') and \'%s&came_from=%s\' % (url, request[\'came_from\']) or url;\n
dummy python: response.redirect(url);"
/>
\n
dummy python: response.redirect(url);"
/>
\n
</tal:block>
\n
</tal:block>
\n
\n
\n
<!-- Password is expired. -->
\n
<!-- Password is expired
permanently
. -->
\n
<tal:block
tal:condition=
"is_user_account_password_expired"
>
\n
<tal:block
tal:condition=
"is_user_account_password_expired"
>
\n
<tal:block
tal:define=
"url python: \'%s/login_form?portal_status_message=%s\' % (here.absolute_url(), here.Base_translateString(\'Password is expired.\'));\n
<tal:block
tal:define=
"url python: \'%s/login_form?portal_status_message=%s\' % (here.absolute_url(), here.Base_translateString(\'Password is expired.\'));\n
url python: request.get(\'came_from\') and \'%s&came_from=%s\' % (url, request[\'came_from\']) or url;\n
url python: request.get(\'came_from\') and \'%s&came_from=%s\' % (url, request[\'came_from\']) or url;\n
...
@@ -73,9 +72,20 @@
...
@@ -73,9 +72,20 @@
\n
\n
</tal:block>
\n
</tal:block>
\n
</tal:block>
\n
</tal:block>
\n
<tal:block
tal:condition=
"not: isAnon"
>
\n
<tal:block
tal:condition=
"not: isAnon"
\n
<tal:block
tal:define=
"came_from python: request.get(\'came_from\') or here.absolute_url();\n
tal:define=
"is_user_account_password_expired_warning_on python:request.get(\'is_user_account_password_expired_warning_on\', False);"
>
\n
dummy python: response.redirect(came_from);"
/>
\n
\n
<!-- XXX: Password will expire soon just war user ? -->
\n
<tal:block
tal:condition=
"is_user_account_password_expired_warning_on"
>
\n
<tal:block
tal:define=
"came_from python: request.get(\'came_from\') or here.absolute_url();\n
dummy python: response.redirect(\'%s?portal_status_message=%s\' %(came_from, here.Base_translateString(\'Your password will expire soon.\')));"
/>
\n
</tal:block>
\n
\n
<tal:block
tal:condition=
"not: is_user_account_password_expired_warning_on"
>
\n
<tal:block
tal:define=
"came_from python: request.get(\'came_from\') or here.absolute_url();\n
dummy python: response.redirect(came_from);"
/>
\n
</tal:block>
\n
\n
</tal:block>
\n
</tal:block>
\n
</tal:block>
\n
</tal:block>
\n
</tal:block>
</tal:block>
...
...
bt5/erp5_authentication_policy/bt/revision
View file @
89b205d8
2
3
\ No newline at end of file
\ No newline at end of file
bt5/erp5_authentication_policy/bt/version
View file @
89b205d8
0.2
0.3
\ No newline at end of file
\ No newline at end of file
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment