]> git.koha-community.org Git - koha.git/commit
Bug 31382: Pass password_has_expired param to templte
authorNick Clemens <nick@bywatersolutions.com>
Wed, 17 Aug 2022 11:09:14 +0000 (11:09 +0000)
committerLucas Gass <lucas@bywatersolutions.com>
Mon, 3 Oct 2022 22:40:46 +0000 (22:40 +0000)
commit1f9c734de40b609c6ff2f4ff02728eabcc78985c
treede886e03b0691750bfe546339b120a113ceda928
parentc03539d8981afab26f0a52e5ab79920bc0a42f01
Bug 31382: Pass password_has_expired param to templte

This patch restores the param, while still leaving the check against invalid
login credentials to ensure we don't leak information.

To test:
 1 - enable  EnableExpiredPasswordReset
 2 - Edit a patron to set password to expire in the past
 3 - Attempt opac login as patron
 4 - It fails, but you are redirected to login screen with no info
 5 - Apply patch
 6 - Attempt login
 7 - You are notified password expired and given reset link
 8 - Go back to login screen
 9 - Login with correct username,, wrong password
10 - You are notified of incorrect credentials, not password expiration

Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 218419ce2c2502bcad0f8285173b4493d7e9e8fc)

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
C4/Auth.pm