why check for pwd expiration after successfull login

  • Resolved pronl

    (@pronl)


    8 years ago

    Hi Frankie,

    Thanks for the answer in the other topic ??

    Another question though …

    Why did you choose to check for pwd expiration after successfull login ?
    I mean, that just doesn’t make sense. A user whose password has expired should not be able to login in the first place …

    Hooking the pwd validation check before login makes more sense to me …
    All that is required for the pwd validation check is a valid username.

    But I might have missed something. There may be very good reasons why you chose to do things your way.

    Other than this issue it’s a pretty neatly coded plugin ??

    • This topic was modified 8 years ago by pronl.
    • This topic was modified 8 years ago by pronl.
Viewing 1 replies (of 1 total)
  • Plugin Author Frankie Jarrett

    (@fjarrett)

    This is a totally valid point and great idea. I originally wrote and released this plugin in 1 day during a time when I was going on a streak to make a new plugin every day which lasted about a week ??

    I’ve created a GitHub issue for this and will be something I dig into.

Viewing 1 replies (of 1 total)
  • The topic ‘why check for pwd expiration after successfull login’ is closed to new replies.