|
|
|
|
@ -360,3 +360,62 @@ Sample code:: |
|
|
|
|
return PE_OK; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Password change hooks |
|
|
|
|
--------------------- |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
passwordBeforeChange |
|
|
|
|
~~~~~~~~~~~~~~~~~~~~ |
|
|
|
|
|
|
|
|
|
.. versionadded:: 2.0.12 |
|
|
|
|
|
|
|
|
|
This hook is triggered when LemonLDAP::NG is about to change or reset a user's password. Returning an error will cancel the password change operation |
|
|
|
|
|
|
|
|
|
The hook's parameters are: |
|
|
|
|
|
|
|
|
|
* The main user identifier |
|
|
|
|
* The new password |
|
|
|
|
* The old password, if relevant |
|
|
|
|
|
|
|
|
|
Sample code:: |
|
|
|
|
|
|
|
|
|
use constant hook => { |
|
|
|
|
passwordBeforeChange => 'blacklistPassword', |
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
sub blacklistPassword { |
|
|
|
|
my ( $self, $req, $user, $password, $old ) = @_; |
|
|
|
|
if ( $password eq "12345" ) { |
|
|
|
|
$self->logger->error("I've got the same combination on my luggage"); |
|
|
|
|
return PE_PP_INSUFFICIENT_PASSWORD_QUALITY; |
|
|
|
|
} |
|
|
|
|
return PE_OK; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
passwordAfterChange |
|
|
|
|
~~~~~~~~~~~~~~~~~~~ |
|
|
|
|
|
|
|
|
|
.. versionadded:: 2.0.12 |
|
|
|
|
|
|
|
|
|
This hook is triggered after LemonLDAP::NG has changed the user's password successfully in the underlying password database |
|
|
|
|
|
|
|
|
|
The hook's parameters are: |
|
|
|
|
|
|
|
|
|
* The main user identifier |
|
|
|
|
* The new password |
|
|
|
|
* The old password, if relevant |
|
|
|
|
|
|
|
|
|
Sample code:: |
|
|
|
|
|
|
|
|
|
use constant hook => { |
|
|
|
|
passwordAfterChange => 'logPasswordChange', |
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
sub logPasswordChange { |
|
|
|
|
my ( $self, $req, $user, $password, $old ) = @_; |
|
|
|
|
$old ||= ""; |
|
|
|
|
$self->userLogger->info("Password changed for $user: $old -> $password") |
|
|
|
|
return PE_OK; |
|
|
|
|
} |
|
|
|
|
|
Maxime Besson
4 years ago