From 1f9c734de40b609c6ff2f4ff02728eabcc78985c Mon Sep 17 00:00:00 2001
From: Nick Clemens <nick@bywatersolutions.com>
Date: Wed, 17 Aug 2022 11:09:14 +0000
Subject: [PATCH] Bug 31382: Pass password_has_expired param to templte

This patch restores the param, while still leaving the check against invalid
login credentials to ensure we don't leak information.

To test:
 1 - enable  EnableExpiredPasswordReset
 2 - Edit a patron to set password to expire in the past
 3 - Attempt opac login as patron
 4 - It fails, but you are redirected to login screen with no info
 5 - Apply patch
 6 - Attempt login
 7 - You are notified password expired and given reset link
 8 - Go back to login screen
 9 - Login with correct username,, wrong password
10 - You are notified of incorrect credentials, not password expiration

Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 218419ce2c2502bcad0f8285173b4493d7e9e8fc)

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
---
 C4/Auth.pm | 1 +
 1 file changed, 1 insertion(+)

diff --git a/C4/Auth.pm b/C4/Auth.pm
index 0e9e1d23a5..7960909f81 100644
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -1408,6 +1408,7 @@ sub checkauth {
         PatronSelfRegistrationDefaultCategory => C4::Context->preference("PatronSelfRegistrationDefaultCategory"),
         opac_css_override                     => $ENV{'OPAC_CSS_OVERRIDE'},
         too_many_login_attempts               => ( $patron and $patron->account_locked ),
+        password_has_expired                  => ( $patron and $patron->password_expired ),
     );
 
     $template->param( SCO_login => 1 ) if ( $query->param('sco_user_login') );
-- 
2.39.2