You are here

Home » API reference » Force Password Change 2.0.x » ForcePasswordChangeService.php » ForcePasswordChangeService

public function ForcePasswordChangeService::checkForForce in Force Password Change 2.0.x

Same name and namespace in other branches
  1. 8 src/Service/ForcePasswordChangeService.php \Drupal\force_password_change\Service\ForcePasswordChangeService::checkForForce()

Check to see if the current user has a pending forced password change.

Return value

bool TRUE if the user has a pending forced password change. FALSE if they do not.

Overrides ForcePasswordChangeServiceInterface::checkForForce

File

src/Service/ForcePasswordChangeService.php, line 104

Class

ForcePasswordChangeService

Namespace

Drupal\force_password_change\Service

Code

public function checkForForce() {

  // Default is to not redirect.
  $redirect = FALSE;

  // If the user's account has been flagged for expiry,
  // a redirect is required.
  if ($this->userData
    ->get('force_password_change', $this->currentUser
    ->id(), 'pending_force')) {
    $redirect = 'admin_forced';
  }
  elseif ($this->configFactory
    ->get('force_password_change.settings')
    ->get('expire_password')) {

    // The user's account has not been flagged for password expiry.
    // Check to see if their password has expired according to
    // the rules of the module.
    // First thing is to check the time of their last password change,
    // and the time of their account creation.
    $last_change = $this->userData
      ->get('force_password_change', $this->currentUser
      ->id(), 'last_change');
    $created = $this->mapper
      ->getUserCreatedTime($this->currentUser
      ->id());

    // Get the time period after which their password should expire
    // according to the rules laid out in the module settings page. Only the
    // role with the highest priority is retrieved.
    $expiry = $this->mapper
      ->getExpiryTimeFromRoles($this->currentUser
      ->getRoles());

    // Test to see if their password has expired.
    if ($expiry && ($last_change && $this
      ->getRequestTime() - $expiry > $last_change) || !$last_change && $this
      ->getRequestTime() - $expiry > $created) {

      // Their password has expired, so their user account is flagged
      // and the expiration time period is returned, which will trigger
      // the redirect and be used to generate the message shown to the user.
      $this->userData
        ->set('force_password_change', $this->currentUser
        ->id(), 'pending_force', 1);
      $redirect = 'expired';
    }
  }
  return $redirect;
}