Bug 31382: Pass password_has_expired param to templte
This patch restores the param, while still leaving the check against invalid
login credentials to ensure we don't leak information.
To test:
1 - enable EnableExpiredPasswordReset
2 - Edit a patron to set password to expire in the past
3 - Attempt opac login as patron
4 - It fails, but you are redirected to login screen with no info
5 - Apply patch
6 - Attempt login
7 - You are notified password expired and given reset link
8 - Go back to login screen
9 - Login with correct username,, wrong password
10 - You are notified of incorrect credentials, not password expiration
Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 218419ce2c)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
This commit is contained in:
parent
c03539d898
commit
1f9c734de4
1 changed files with 1 additions and 0 deletions
|
|
@ -1408,6 +1408,7 @@ sub checkauth {
|
|||
PatronSelfRegistrationDefaultCategory => C4::Context->preference("PatronSelfRegistrationDefaultCategory"),
|
||||
opac_css_override => $ENV{'OPAC_CSS_OVERRIDE'},
|
||||
too_many_login_attempts => ( $patron and $patron->account_locked ),
|
||||
password_has_expired => ( $patron and $patron->password_expired ),
|
||||
);
|
||||
|
||||
$template->param( SCO_login => 1 ) if ( $query->param('sco_user_login') );
|
||||
|
|
|
|||
Loading…
Reference in a new issue