[Koha-bugs] [Bug 29925] Add a 'set new password' page for patron's with expired passwords

Wed Feb 9 13:59:17 CET 2022

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29925

Nick Clemens <nick at bywatersolutions.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #129958|0                           |1
        is obsolete|                            |

--- Comment #3 from Nick Clemens <nick at bywatersolutions.com> ---
Created attachment 130357
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=130357&action=edit
Bug 29925: Add a password reset page for expired passwords

This patch adds a new page opac-reset-password where a user cna enter their
login
(userid or carndumber), current password, and new password.

If the user has a password expiration date and the current password is correct
and
the new passwords match and meet requirements their password will be updated
and the
expiration date reset

A patron whose password does not expire will be reidrected to login to change
their password

To test:
 1 - Apply patch, updatedatabase, enable new syspref EnableExpiredPasswordReset
 2 - Set 'Password expiration' for a patron category
     Home->Administration->Patron categories->Edit
 3 - Create a new patron in this category with a userid/password set, and an
email
 4 - Update the patron with an expiration to be expired
     UPDATE borrowers SET password_expiration='2022-01-01' WHERE
borrowernumber=51;
 5 - Give the borrower catalogue permission
 6 - Attempt to log in to Straff interface
 7 - Confirm you are signed out and notified that password must be reset
 8 - Click 'Reset your password' link
 9 - You should see the reset password page with fields for: login, current
password, new password, conmfirm password
10 - enter invalid/incomplete credentials
11 - Confirm you are notified of invlaid credentials
12 - Fill in all fields, but enter current password as new password
13 - Confirm you are notified of no change
14 - Set minimum password length / strong password requirement for category
15 - Confirm you receive error if new password too short or not secure
16 - Enter a valid new password and submit and confirm update is successful
17 - Confirm you have buttons to go to OPAC or Staff and that both work
18 - Confirm you cna log in (i.e. expiration has been reset)
19 - Expire the users password
20 - Remove catalogue permission
21 - Reset password again and confirm only OPAC link

-- 
You are receiving this mail because:
You are watching all bug changes.