Hi Guys,
I was wondering, is it possible to get the user to change their password after logging in?
I was about to import a heap of people into the forum and i would like them all to change their passwords as they login...
Grant
This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.
Please use forum.silverstripe.org for any new questions
(announcement).
The forum archive will stick around, but will be read only.
You can also use our Slack channel
or StackOverflow to ask for help.
Check out our community overview for more options to contribute.
Hi Guys,
I was wondering, is it possible to get the user to change their password after logging in?
I was about to import a heap of people into the forum and i would like them all to change their passwords as they login...
Grant
Very interested in hearing any solutions.
Looking at the Member table there is a PasswordExpiry column which accepts a date. For all members you want to have reset their password - maybe try setting that date to a date in the past? I assume this would force a member to change their password upon next login.
If that doesn't work another possibility is to use the MemberPassword table - all previous passwords are stored here for any member (so if required you can ensure members don't use a previous password). You could write some simple SQL to count the number of passwords stored here for a particular member, if the count is only 1 then you can assume they're using the original password you generated for them and prompt them to change it.
Just updating this post for anyone who finds it. Here's an approach that uses an extension hook to allow you to promt a password change on the fly at the time the member logs in.
class CustomMember extends DataExtension {
public function beforeMemberLoggedIn() {
$promptToChangePassword = // Do some custom validation
if ($promptToChangePassword) $this->owner->PasswordExpiry = '1999-01-01';
}
}
This seems like a great ad-hoc solution, but I am still very disheartened that it's not baked in. This is basic user management stuff here.