Add validator from policy password module if exist.
Patch includes fix form https://www.drupal.org/files/issues/2020-08-25/prlp-form_validation-3143... and fix problem with non-matching passwords

CommentFileSizeAuthor
#2 3182013-integration-with-password-policy.patch4.26 KBpawelgorski87

Issue fork prlp-3182013

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

Pawelgorski87 created an issue. See original summary.

pawelgorski87’s picture

pawelgorski87 commented
StatusFileSize
new 3182013-integration-with-password-policy.patch4.26 KB

Patch add validator from password_policy module, also included https://www.drupal.org/files/issues/2020-08-25/prlp-form_validation-3143...

pawelgorski87’s picture

pawelgorski87 commented
Issue summary: View changes
pawelgorski87’s picture

pawelgorski87 commented
Status: Active » Needs review
jasonawant’s picture

jasonawant
he/him
Primary language English
Location New Orleans, USA
commented
Related issues: +#2943105: Password policy and Password Reset Landing Page

Adding related issue #2943105: Password policy and Password Reset Landing Page. I haven't had a chance to compare this solution to that one.

jasonawant’s picture

jasonawant
he/him
Primary language English
Location New Orleans, USA
commented

Also, I'm wondering if additional logic is needed to replicate _password_policy_user_profile_form_submit() setting the user account's field_last_password_reset value.

Otherwise, after a user resets their password, they could still have an expired password which prompts them to reset their password yet again.

See _password_policy_user_profile_form_submit()

adriancid’s picture

adriancid
Primary language Spanish
Location Qc, Canada 🇨🇦
commented
Status: Needs review » Needs work

The patch needs reroll

mably made their first commit to this issue’s fork.

mably opened merge request !14

mably’s picture

mably commented

This simple MR adds two events (replacement for hooks) to allow other modules to take actions on password validation and before password save.

Once this MR is applied you can integrate PRLP with Password Policy by using this module: https://www.drupal.org/project/password_policy_extras (Link to the related EventSubscriber class).

Thanks for merging!

mably’s picture

mably commented
Status: Needs work » Needs review

mably changed the visibility of the branch 3182013-integration-with-password to hidden.

mably changed the visibility of the branch 3182013-integration-with-password to active.

mably closed merge request !14

mably’s picture

mably commented

I have moved my MR to its own dedicated issue to make things clearer.

mably’s picture

mably commented
Status: Needs review » Needs work
ccrawford91’s picture

ccrawford91 commented
Status: Needs work » Postponed

Postponing for now.

Issue #3447787 added events and dispatches them so that other modules can listen for and respond accordingly themselves.

anybody’s picture

anybody
Primary language German
Location Porta Westfalica
commented
Version: 8.x-1.x-dev » 2.0.x-dev
Assigned: pawelgorski87 » Unassigned
Status: Postponed » Needs work

https://www.drupal.org/project/prlp/issues/3447787 is merged, setting this back to active.

Also see https://www.drupal.org/project/password_policy_extras - is that a viable solution?

ccrawford91’s picture

ccrawford91 commented

The password policy extras module is the only viable option at present. The password policy module doesn't perform its checks unless you're on the "user.reset" route. The reset form exists on the "user.reset.form" route so the password policy service does nothing.

The password policy module either needs to expand its "valid" routes to include the form one or subscribe to the events the prlp module provides (which is what the extras' submodule is already doing).

anybody’s picture

anybody
Primary language German
Location Porta Westfalica
commented

@ccrawford91 would it maybe make sense to integrate https://www.drupal.org/project/password_policy_extras into prlp directly or as submodule to make it more visible?

At least I think it should be made visible on the module page of prlp and in the README?

anybody’s picture

anybody
Primary language German
Location Porta Westfalica
commented
Related issues: +#3487757: Remove the password confirm field
ccrawford91’s picture

ccrawford91 commented

@anybody After looking at how the policy extras module works, I've written a similar submodule in the prlp module.
Take a look and try out this branch.

  • 1399bd97 committed on issues/prlp-3182013-intergrate-password-policy 
    Issue #3182013 - New submodule to intergrate with password policy module
ccrawford91’s picture

ccrawford91 commented
Status: Needs work » Needs review

  • ccrawford91 committed 448be20e on issues/prlp-3182013-intergrate-password-policy 
    Issue #3182013 - New submodule to intergrate with password policy module

  • ccrawford91 committed 448be20e on 2.0.x 
    Issue #3182013 - New submodule to intergrate with password policy module