From e7ee70541fe60800480d7b3a830a80f715e60ce2 Mon Sep 17 00:00:00 2001 From: simonp Date: Tue, 27 May 2014 21:09:24 +0200 Subject: Add option to force new users to change their password (#1486884) --- CHANGELOG | 1 + plugins/password/config.inc.php.dist | 3 +++ plugins/password/localization/en_US.inc | 1 + plugins/password/password.php | 36 ++++++++++++++++++++++++++++++++- 4 files changed, 40 insertions(+), 1 deletion(-) diff --git a/CHANGELOG b/CHANGELOG index 112ef28ac..695ccc65b 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -31,6 +31,7 @@ CHANGELOG Roundcube Webmail - Fix so responses menu hides on click in classic skin (#1489915) - Fix unintentional line-height style modification in HTML messages (#1489917) - Fix broken normalize_string(), add support for ISO-8859-2 (#1489918) +- Add option to force new users to change their password (#1486884) RELEASE 1.0.1 ------------- diff --git a/plugins/password/config.inc.php.dist b/plugins/password/config.inc.php.dist index 8f7a57f9a..16b7f9317 100644 --- a/plugins/password/config.inc.php.dist +++ b/plugins/password/config.inc.php.dist @@ -35,6 +35,9 @@ $config['password_hosts'] = null; // for upgrading the stored passwords after the encryption scheme has changed. $config['password_force_save'] = false; +// Enables forcing new users to change their password at their first login. +$config['password_force_new_user'] = false; + // SQL Driver options // ------------------ diff --git a/plugins/password/localization/en_US.inc b/plugins/password/localization/en_US.inc index a4c077fe5..94475ce36 100644 --- a/plugins/password/localization/en_US.inc +++ b/plugins/password/localization/en_US.inc @@ -33,5 +33,6 @@ $messages['internalerror'] = 'Could not save new password.'; $messages['passwordshort'] = 'Password must be at least $length characters long.'; $messages['passwordweak'] = 'Password must include at least one number and one punctuation character.'; $messages['passwordforbidden'] = 'Password contains forbidden characters.'; +$messages['firstloginchange'] = 'This is your first login. Please change your password.'; ?> diff --git a/plugins/password/password.php b/plugins/password/password.php index 83f951b98..a9e6f4e04 100644 --- a/plugins/password/password.php +++ b/plugins/password/password.php @@ -40,9 +40,10 @@ define('PASSWORD_SUCCESS', 0); */ class password extends rcube_plugin { - public $task = 'settings'; + public $task = 'settings|login'; public $noframe = true; public $noajax = true; + private $newuser = false; function init() { @@ -70,9 +71,15 @@ class password extends rcube_plugin } $this->add_hook('settings_actions', array($this, 'settings_actions')); + if($rcmail->config->get('password_force_new_user')) + { + $this->add_hook('user_create', array($this, 'user_create')); + $this->add_hook('login_after', array($this, 'login_after')); + } $this->register_action('plugin.password', array($this, 'password_init')); $this->register_action('plugin.password-save', array($this, 'password_save')); + $this->register_action('plugin.password-first', array($this, 'password_first')); if (strpos($rcmail->action, 'plugin.password') === 0) { @@ -300,4 +307,31 @@ class password extends rcube_plugin return $reason; } + + function user_create($args) + { + $this->newuser = true; + return $args; + } + + function login_after($args) + { + if($this->newuser) + { + $args['_task'] = 'settings'; + $args['_action'] = 'plugin.password-first'; + } + return $args; + } + + function password_first() + { + $rcmail = rcmail::get_instance(); + $this->add_texts('localization/'); + $this->register_handler('plugin.body', array($this, 'password_form')); + $rcmail->output->set_pagetitle($this->gettext('changepasswd')); + $rcmail->output->command('display_message', $this->gettext('firstloginchange'), 'notice'); + $rcmail->overwrite_action('plugin.password'); + $rcmail->output->send('plugin'); + } } -- cgit v1.2.3