public function ForcePasswordChangeService::checkForForce in Force Password Change 2.0.x
Same name and namespace in other branches
- 8 src/Service/ForcePasswordChangeService.php \Drupal\force_password_change\Service\ForcePasswordChangeService::checkForForce()
Check to see if the current user has a pending forced password change.
Return value
bool TRUE if the user has a pending forced password change. FALSE if they do not.
Overrides ForcePasswordChangeServiceInterface::checkForForce
File
- src/
Service/ ForcePasswordChangeService.php, line 104
Class
Namespace
Drupal\force_password_change\ServiceCode
public function checkForForce() {
// Default is to not redirect.
$redirect = FALSE;
// If the user's account has been flagged for expiry,
// a redirect is required.
if ($this->userData
->get('force_password_change', $this->currentUser
->id(), 'pending_force')) {
$redirect = 'admin_forced';
}
elseif ($this->configFactory
->get('force_password_change.settings')
->get('expire_password')) {
// The user's account has not been flagged for password expiry.
// Check to see if their password has expired according to
// the rules of the module.
// First thing is to check the time of their last password change,
// and the time of their account creation.
$last_change = $this->userData
->get('force_password_change', $this->currentUser
->id(), 'last_change');
$created = $this->mapper
->getUserCreatedTime($this->currentUser
->id());
// Get the time period after which their password should expire
// according to the rules laid out in the module settings page. Only the
// role with the highest priority is retrieved.
$expiry = $this->mapper
->getExpiryTimeFromRoles($this->currentUser
->getRoles());
// Test to see if their password has expired.
if ($expiry && ($last_change && $this
->getRequestTime() - $expiry > $last_change) || !$last_change && $this
->getRequestTime() - $expiry > $created) {
// Their password has expired, so their user account is flagged
// and the expiration time period is returned, which will trigger
// the redirect and be used to generate the message shown to the user.
$this->userData
->set('force_password_change', $this->currentUser
->id(), 'pending_force', 1);
$redirect = 'expired';
}
}
return $redirect;
}