]> git.koha-community.org Git - koha.git/commit
projects / koha.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 217e953) | patch
Bug 31382: Pass password_has_expired param to templte
authorNick Clemens <nick@bywatersolutions.com>
Wed, 17 Aug 2022 11:09:14 +0000 (11:09 +0000)
committerTomas Cohen Arazi <tomascohen@theke.io>
Wed, 17 Aug 2022 18:52:07 +0000 (15:52 -0300)
commit218419ce2c2502bcad0f8285173b4493d7e9e8fc
treec535ba88ed8fda1ca9cafe998beaa478345f1814tree | snapshot
parent217e953ffb81cbac7f57521d3c0c7568995bb11dcommit | diff
Bug 31382: Pass password_has_expired param to templte

This patch restores the param, while still leaving the check against invalid
login credentials to ensure we don't leak information.

To test:
 1 - enable  EnableExpiredPasswordReset
 2 - Edit a patron to set password to expire in the past
 3 - Attempt opac login as patron
 4 - It fails, but you are redirected to login screen with no info
 5 - Apply patch
 6 - Attempt login
 7 - You are notified password expired and given reset link
 8 - Go back to login screen
 9 - Login with correct username,, wrong password
10 - You are notified of incorrect credentials, not password expiration

Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
C4/Auth.pm diff | blob | history
Main Koha release repository