How to use the credentials expired property in Symfony AdvancedUserInterface?

In a Symfony 2.4 project our client wants to force the users to change their password every N days. We saw that there are columns "credentials_expired" and "credentials_expire_at" in the database and a check that throws an AccountExpiredException in the UserChecker class that seem to be for that purpose, but I can't find any documentation on how to enable or configure this feature.

  • How can the credentials_expire_at column be filled with a date N days after now on every password change?
  • How can a user still change the password, if the password is expired?
  • How to warn the user about the password expiration some days in advance?
  • Is it possible to forbid the reuse of the last password?
Thomas Koch asked Jul 07 '14 12:07


1 Answer

Actually, it's the CredentialsExpiredException you want to catch. If you're using the Symfony Security component, then the simplest way to handle this is to check for the exception in the loginAction of your SecurityController:

use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Exception\CredentialsExpiredException;
use Symfony\Component\Security\Core\SecurityContextInterface;

...

$error = $this->get('session')->get(SecurityContextInterface::AUTHENTICATION_ERROR);

// check if credentials have expired
if ($error instanceof CredentialsExpiredException) {
    // display the change password form
    return new Response($this->renderView('AcmeDemoBundle:Security:changePassword.html.twig'));
}

You'll obviously need to create a route for changing passwords, which you can set as the form action of your changePassword template. Password change requests can then be handled accordingly in your SecurityController.

The core of your business logic can/should exist within a UserManager (or whatever you wish to call it) service class, which you can instantiate and invoke as needed from your SecurityController.

Hope that helps.

NOTE: For posterity, the expired user object is stored within the CredentialsExpiredException exception, so you can easily retrieve it if you need to act upon it for handling expired passwords:

$error->getUser();

Leo Bedrosian answered Sep 30 '22 18:09
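The pieces the answer leaves to the reader, as an added example that is not part of the original answer or of Symfony itself: a minimal User entity whose isCredentialsNonExpired() is what Symfony 2.4's UserChecker consults before it throws the CredentialsExpiredException caught in loginAction, and the UserManager service the answer mentions, which fills credentials_expire_at on every password change, refuses reuse of the password that just expired, and computes the advance warning. The Acme\DemoBundle namespace, the User and UserManager class names, EXPIRY_DAYS/WARN_DAYS and the getters and setters for the credentials_expire_at and credentials_expired columns are assumptions; AdvancedUserInterface, EncoderFactoryInterface and the encoder's isPasswordValid()/encodePassword() are the real Symfony 2.4 APIs.

```php
<?php
// Added example, not the answer's own code. Assumed names: the Acme\DemoBundle
// namespace, User, UserManager, EXPIRY_DAYS/WARN_DAYS and the accessors for the
// credentials_expire_at and credentials_expired columns.
namespace Acme\DemoBundle\Security;

use Doctrine\ORM\EntityManager;
use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
use Symfony\Component\Security\Core\User\AdvancedUserInterface;

// The UserChecker calls isCredentialsNonExpired() after a successful login and
// throws CredentialsExpiredException when it returns false; that is the
// exception the answer's loginAction looks for in the session.
class User implements AdvancedUserInterface
{
    private $username;
    private $password;                   // encoded password
    private $salt;
    private $credentialsExpireAt;        // \DateTime|null, credentials_expire_at column
    private $credentialsExpired = false; // credentials_expired column

    public function isCredentialsNonExpired()
    {
        if ($this->credentialsExpired) {
            return false;
        }
        return null === $this->credentialsExpireAt || $this->credentialsExpireAt > new \DateTime();
    }

    public function getCredentialsExpireAt() { return $this->credentialsExpireAt; }
    public function setPassword($encodedPassword) { $this->password = $encodedPassword; }
    public function setCredentialsExpireAt(\DateTime $expireAt)
    {
        $this->credentialsExpireAt = $expireAt;
        $this->credentialsExpired = false;
    }

    // Remaining AdvancedUserInterface / UserInterface methods
    public function isAccountNonExpired() { return true; }
    public function isAccountNonLocked()  { return true; }
    public function isEnabled()           { return true; }
    public function getRoles()            { return array('ROLE_USER'); }
    public function getPassword()         { return $this->password; }
    public function getSalt()             { return $this->salt; }
    public function getUsername()         { return $this->username; }
    public function eraseCredentials()    {}
}

class UserManager
{
    const EXPIRY_DAYS = 90; // N days; assumed value
    const WARN_DAYS   = 7;  // start warning this many days before expiry

    private $em;
    private $encoderFactory;

    public function __construct(EntityManager $em, EncoderFactoryInterface $encoderFactory)
    {
        $this->em = $em;
        $this->encoderFactory = $encoderFactory;
    }

    // Changes the password, refuses reuse of the current one and moves
    // credentials_expire_at N days into the future. Returns false when the new
    // password equals the old one.
    public function changePassword(User $user, $currentPassword, $newPassword)
    {
        $encoder = $this->encoderFactory->getEncoder($user);
        // The user is NOT authenticated here: the UserChecker refused the login
        // and the only link is the exception kept in the session, so re-verify
        // the current password before accepting a new one.
        if (!$encoder->isPasswordValid($user->getPassword(), $currentPassword, $user->getSalt())) {
            throw new \InvalidArgumentException('Current password is incorrect');
        }
        if ($encoder->isPasswordValid($user->getPassword(), $newPassword, $user->getSalt())) {
            return false; // reuse of the expired password is forbidden
        }

        $user->setPassword($encoder->encodePassword($newPassword, $user->getSalt()));
        $user->setCredentialsExpireAt(new \DateTime(sprintf('+%d days', self::EXPIRY_DAYS)));
        $this->em->flush();
        return true;
    }

    // Whole days until expiry when a warning is due (0 if already expired),
    // otherwise null; show the result after login as the advance warning.
    public function daysUntilExpiry(User $user)
    {
        $now = new \DateTime();
        $expireAt = $user->getCredentialsExpireAt();
        if (null === $expireAt) { return null; }
        if ($expireAt <= $now)  { return 0; }
        $days = $now->diff($expireAt)->days;
        return $days <= self::WARN_DAYS ? $days : null;
    }
}
```

The re-check of the current password in changePassword() is the part worth keeping even if the rest is restructured: when the change-password form is reached from loginAction, no token has been stored, so the user retrieved with $error->getUser() is only as trustworthy as the session that holds the exception. Requiring the old password again ties the change to something the person actually knows, and the same isPasswordValid() call doubles as the "no reuse of the last password" check.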