Fix #433 - update login to redirect if expired password

Jack Anderson 2024-02-22 14:53:10 +00:00
parent 556f5b91dc
commit 31522dc6ea
4 changed files with 71 additions and 33 deletions


@ -1,3 +1,5 @@
parameters:
system.settings:
setup_wizard_route: users/Wizard
setup_wizard_route:
route: users/Wizard
queryParams:


@ -195,8 +195,12 @@ export class LoginUiComponent implements OnInit {
this.languageStore.setSessionLanguage()
.pipe(catchError(() => of({})))
.subscribe(() => {
if (result && result.redirect) {
this.router.navigate([result.redirect]).then();
if (result && result.redirect && result.redirect.route) {
this.router.navigate(
[result.redirect.route],
{
queryParams: result.redirect.queryParams ?? {}
}).then();
return;
}
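Review bot: The promise from `this.router.navigate(...)` is discarded with an empty `.then()`, and the `return` that follows skips the rest of the subscribe callback, so a redirect that resolves to `false` or rejects leaves a logged-in user on the login screen with no feedback. Handling the outcome would cover it, for example `.then(ok => { if (!ok) { /* report the failed redirect */ } })` together with a `.catch`. The route and query parameters come straight from the login response, so this navigation is a convenience only and should not be treated as where the password change is enforced. The callback continues outside this hunk.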


@ -35,8 +35,9 @@ use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
/**
@ -69,17 +70,33 @@ class SecurityController extends AbstractController
/**
* @Route("/login", name="app_login", methods={"GET", "POST"})
* @param AuthenticationUtils $authenticationUtils
* @param Security $security
* @return JsonResponse
*/
public function login(AuthenticationUtils $authenticationUtils): JsonResponse
public function login(AuthenticationUtils $authenticationUtils, Security $security): JsonResponse
{
$error = $authenticationUtils->getLastAuthenticationError();
$isAppInstalled = $this->authentication->getAppInstallStatus();
$isAppInstallerLocked = $this->authentication->getAppInstallerLockStatus();
$appStatus = [
'installed' => $isAppInstalled,
'locked' => $isAppInstallerLocked
];
if ($error) {
return new JsonResponse('Login Failed', Response::HTTP_UNAUTHORIZED);
return new JsonResponse(['active' => false], Response::HTTP_UNAUTHORIZED);
}
return new JsonResponse('Login Success', Response::HTTP_OK);
$user = $security->getUser();
$data = $this->getResponseData($user, $appStatus);
$needsRedirect = $this->authentication->needsRedirect($user);
if (!empty($needsRedirect)) {
$data['redirect'] = $needsRedirect;
}
return new JsonResponse($data, Response::HTTP_OK);
}
/**
@ -134,19 +151,7 @@ class SecurityController extends AbstractController
return $response;
}
$id = $user->getId();
$firstName = $user->getFirstName();
$lastName = $user->getLastName();
$userName = $user->getUsername();
$data = [
'appStatus' => $appStatus,
'active' => true,
'id' => $id,
'firstName' => $firstName,
'lastName' => $lastName,
'userName' => $userName
];
$data = $this->getResponseData($user, $appStatus);
return new JsonResponse($data, Response::HTTP_OK);
}
@ -156,9 +161,9 @@ class SecurityController extends AbstractController
* @param AuthenticationUtils $authenticationUtils
* @return JsonResponse
*/
public function nativeAuthLogin(AuthenticationUtils $authenticationUtils): JsonResponse
public function nativeAuthLogin(AuthenticationUtils $authenticationUtils, Security $security): JsonResponse
{
return $this->login($authenticationUtils);
return $this->login($authenticationUtils, $security);
}
/**
@ -179,4 +184,26 @@ class SecurityController extends AbstractController
{
return $this->sessionStatus($security);
}
/**
* @param UserInterface $user
* @param array $appStatus
* @return array
*/
private function getResponseData(UserInterface $user, array $appStatus): array
{
$id = $user->getId();
$firstName = $user->getFirstName();
$lastName = $user->getLastName();
$userName = $user->getUsername();
return [
'appStatus' => $appStatus,
'active' => true,
'id' => $id,
'firstName' => $firstName,
'lastName' => $lastName,
'userName' => $userName
];
}
}
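Review bot: In `login()`, `$security->getUser()` can return null, yet the result is passed straight to `getResponseData(UserInterface $user, ...)` and `needsRedirect($user)`, both typed as non-nullable. The route accepts GET as well as POST, so a request that reaches the controller with no authentication error and no authenticated user would raise a TypeError (a 500) rather than a clean 401. A guard before building the response would cover it: `if (!$user instanceof UserInterface) { return new JsonResponse(['active' => false], Response::HTTP_UNAUTHORIZED); }`. Separately, `getResponseData()` calls `getId()`, `getFirstName()` and `getLastName()`, which are not part of `UserInterface`; type-hinting the concrete user class would make that dependency explicit.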


@ -111,33 +111,38 @@ class Authentication extends LegacyHandler
* Is current user admin
*
* @param UserInterface $user
* @return string
* @return array
*/
public function needsRedirect(UserInterface $user): string
public function needsRedirect(UserInterface $user): array
{
$this->init();
/** @var \User $current_user */
global $current_user;
$timezone = $current_user->getPreference('timezone');
$ut = $current_user->getPreference('ut');
if (empty($ut) || empty($timezone)) {
$this->close();
return $this->systemSettings['setup_wizard_route'] ?? ['route' => 'users/wizard'];
}
/* @noinspection PhpIncludeInspection */
require_once 'modules/Users/password_utils.php';
if (hasPasswordExpired($user->getUsername())) {
$this->close();
return 'users/ChangePassword?record=' . $current_user->id;
}
$timezone = $current_user->getPreference('timezone');
$ut = $current_user->getPreference('ut');
return [
'route' => 'users/ChangePassword',
'queryParams' => ['record' => $current_user->id]
];
}
$this->close();
if (empty($ut) || empty($timezone)) {
return $this->systemSettings['setup_wizard_route'] ?? 'users/wizard';
}
return '';
return [];
}
/**
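Review bot: The wizard check now runs before `hasPasswordExpired()` and returns early, so a user whose `ut` or `timezone` preference is empty and whose password has also expired gets only the wizard redirect on this login. If the password change is meant to take precedence, the expiry check should come first. The returned route is also only a hint inside a 200 login response, so unless expiry is enforced elsewhere (not visible in this diff) the session stays usable without changing the password; a server-side check on later requests would close that gap. The docblock still reads "Is current user admin" and should describe the redirect decision, e.g. `Get the post-login redirect (route and queryParams) for the user, or an empty array when none is needed`. The fallback `'users/wizard'` also differs in case from the configured `users/Wizard`, which is worth aligning if route matching is case-sensitive.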