mani313 Posted September 10, 2013

Hi there, for security reasons, I want to set a minimum password age for my site. The super user must change his password every 90 days. We need it badly indeed. Is it possible? Thanks in advance.
PascalVG Posted September 10, 2013

Mani, haven't heard of a module or solution. When I have time I'll have a look at it. Do you want it for Front office only, or also back office? Describe a little what you had in mind how it should work ideally. What Prestashop version do you use?

pascal.
vekia Posted September 10, 2013

Modifications of the core are necessary in this case. Can you describe what has to happen after 90 days? Block the account? Or just information about a new password?
mani313 Posted September 10, 2013 (Author)

> Mani, haven't heard of a module or solution. When I have time I'll have a look at it. Do you want it for Front office only, or also back office? Describe a little what you had in mind how it should work ideally. What Prestashop version do you use? pascal.

Hi Pascal, thanks for the reply. It's just going to be included in the back office only. Sorry I did not mention this. The super user needs this feature. Can we do this technically, by adding some date constraint before login and then doing an action to reset the password? Yes, I have this idea. Is it clear? Thanks in advance.
mani313 Posted September 10, 2013 (Author)

> modifications of the core in this case are necessary. Can you describe what have to happen after 90 days? block account ? or just information about new password?

Just pass out info on every login, then expire the login after 90 days, only for the super user, to reset his password.
PascalVG Posted September 11, 2013

OK, here we go:

- go to your cPanel and get into phpMyAdmin.
- Get into your PrestaShop database and find the table ps_configuration
- add a field with name PS_PASSWD_EXPIRE and value '<amount of days password expires>' like this:
- go to tab SQL:
- run SQL statement:

```sql
INSERT INTO `ps_configuration`( `name`, `value`, `date_add`, `date_upd`)
VALUES ('PS_PASSWD_EXPIRE', '90', now(), now())
```

and press GO

check if field is indeed in table:

```sql
SELECT * from `ps_configuration` WHERE name = 'PS_PASSWD_EXPIRE'
```

and press GO. You should see something like this:

Then:

Edit file: controllers/admin/AdminLoginController.php (Make BACKUP first!)

Find the function ProcessLogin, and add the code between dotted lines...

```php
public function processLogin()
{
    /* Check fields validity */
    $passwd = trim(Tools::getValue('passwd'));
    $email = trim(Tools::getValue('email'));
    if (empty($email))
        $this->errors[] = Tools::displayError('Email is empty.');
    elseif (!Validate::isEmail($email))
        $this->errors[] = Tools::displayError('Invalid email address.');

    if (empty($passwd))
        $this->errors[] = Tools::displayError('The password field is blank.');
    elseif (!Validate::isPasswd($passwd))
        $this->errors[] = Tools::displayError('Invalid password.');

    if (!count($this->errors))
    {
        // -----------------------------------------------------------------
        // ADD CODE BELOW
        // Find employee and check if password is expired or not
        $employee = new Employee();
        if (!$employee->getByEmail($email) || !$employee)
        {
            $this->errors[] = Tools::displayError('This account does not exist.');
            $this->context->employee->logout();
        }

        // Seconds elapsed since the expiry moment: positive once the password has expired
        $DaysUntilExpire = time() - (strtotime($employee->last_passwd_gen.' + '.
            (int)Configuration::get('PS_PASSWD_EXPIRE').' days'));
        if (($DaysUntilExpire > 0) AND !$employee->isSuperAdmin())
        {
            $this->errors[] = Tools::displayError(
                'Your password is expired. Please contact the administrator.');
            $this->context->employee->logout();
        }

        // 10 days before expiration, warn (10 days expressed in seconds)
        if (($DaysUntilExpire <= 0) AND ($DaysUntilExpire + 10 * 86400 > 0) AND !$employee->isSuperAdmin())
        {
            // Add here some early warning system...send Email, or pop up or so...
        }
        // ADD UNTIL HERE
        // -----------------------------------------------------------------

        // Find employee
        $this->context->employee = new Employee();
        $is_employee_loaded = $this->context->employee->getByEmail($email, $passwd);
        $employee_associated_shop = $this->context->employee->getAssociatedShops();
        if (!$is_employee_loaded)
```

Save the file.

Test if it works:

(You may need to (TEMPORARILY!!):
- turn OFF your cache and
- set 'Template cache' to "Recompile templates if the files have been updated" in Advanced Parameters->Performance

to see the changes. (Don't forget to turn cache back ON afterwards!))

To test:

- Log off from admin
- logon to admin with non-superadmin-employee
- logon to admin with superadmin-employee

For test purposes, maybe change the value of PS_PASSWD_EXPIRE temporarily to fewer days. Run SQL statement in phpMyAdmin:

```sql
UPDATE `ps_configuration` SET `value`='5' WHERE `name`= 'PS_PASSWD_EXPIRE'
```

Well, that should be it. If you want some warning 10 days before expiration, add some code to send an Email, or a pop up or so.

That should do the trick,

pascal

P.S. Code snippet from PrestaShop 1.5.5.0
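
The expiry decision from the post above, pulled out into a stand-alone function as an added example (not code from the post or from PrestaShop). It goes slightly beyond the post by failing closed when the setting or the date is missing or malformed; the function and constant names and the sample dates are assumptions, and it needs PHP 5.5 or later for `DateTimeImmutable`.

```php
<?php
// Added example, not PrestaShop code. Function and constant names are
// hypothetical; the sample dates at the bottom are constructed.
const STATE_OK = 'ok';
const STATE_WARN = 'warn';
const STATE_EXPIRED = 'expired';

/**
 * @param string|null $lastChange last_passwd_gen value, 'Y-m-d H:i:s'
 * @param mixed       $maxAgeDays PS_PASSWD_EXPIRE as read from configuration
 * @param int         $warnDays   length of the warning window in days
 */
function passwordAgeState($lastChange, $maxAgeDays, $warnDays, DateTimeImmutable $now)
{
    $maxAgeDays = filter_var($maxAgeDays, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
    $changed = $lastChange
        ? DateTimeImmutable::createFromFormat('Y-m-d H:i:s', $lastChange, $now->getTimezone())
        : false;
    // Fail closed: a missing or malformed setting or date must not switch
    // the policy off.
    if ($maxAgeDays === false || $changed === false) {
        return STATE_EXPIRED;
    }
    $expiresAt = $changed->modify("+{$maxAgeDays} days");
    if ($now >= $expiresAt) {
        return STATE_EXPIRED;
    }
    // The warning window is a duration counted back from the expiry moment.
    $warnDays = max(0, (int) $warnDays);
    if ($now >= $expiresAt->modify("-{$warnDays} days")) {
        return STATE_WARN;
    }
    return STATE_OK;
}

// Constructed sample data: "now" is fixed so the output is reproducible.
$now = new DateTimeImmutable('2013-09-11 12:00:00', new DateTimeZone('UTC'));
$samples = [
    'changed 30 days ago' => '2013-08-12 12:00:00',
    'changed 85 days ago' => '2013-06-18 12:00:00',
    'changed 90 days ago' => '2013-06-13 12:00:00',
    'never changed'       => null,
    'malformed date'      => 'n/a',
];
foreach ($samples as $label => $lastChange) {
    printf("%-20s %s\n", $label, passwordAgeState($lastChange, '90', 10, $now));
}
```

Evaluate the state only after the password itself has been verified, so the login form does not tell an unauthenticated visitor which accounts exist or have expired, and have the caller stop processing the login when the result is `expired`.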
mani313 Posted September 12, 2013 (Author)

Thank you so much! I appreciate your hard work here, I really like such effort. I'll try it and let you know soon whether it worked!