Projects:Change password/User Guide
This project adds the option to define a number of days to password expiration to all users on that client. Configuration is made at Client, setting Days to Password Expiration and affect all users on that client.
By default last updated password date of the user is stored, if last update password date of the user plus days to password expiration defined in the client is reached, the user will not be able to login until the password is changed. User will be forced to introduce a new password different from the previous one.
Every time user changes the password, last update password date of the user is updated with the actual date, even if password has been changed from the backend and date has not been reached.
The implementation works for the backend and mobile.
During login (Backend and WebPOS), the process will check if the user has reached the limit date for the password, in this case, the interface will ask to renew the password, and the new limit date will be updated once the new password is saved.
Also password could be renewed from the backend, in User windows, using password field to change the password.
All configuration is done through the Days to expire password field in 'Client' window. Configuration apply to all Users on that Client.
The value of the field determine day limit during which, a password must be valid for users:
- If it is set to 0, no day limit will be applied.
- If the value is greater than 0, the day limit will apply after last date of user update password date.
- Password Validity Days are set in Client to 30 days.
- Cashier logs into backend
- Enter login credentials
- Cashier updates his password.
- 30 days later...
- User logs into backend
- Enter his login credentials** System show a message: User must set a new password.
- User enters the same password than previous one.
- System show a message: Password must be different from the previous one.
- User enters an empty password
- System show a message: Password can not be empty.
- User enters different passwords in fields.
- System show a message: Password must be the same.
- User enters different passwords from previous one, and the same in both fields.
- User is logged and password is changed, also last update password date of the user updated.
- Login to POS terminal:
- User enter his new credentials
- User is logged with the new password.
- 30 days later user will be asked newly to renew the password.