https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=42926 Tomás Cohen Arazi (tcohen) <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Failed QA --- Comment #3 from Tomás Cohen Arazi (tcohen) <tomascohen@gmail.com> --- Expired password preventing basic login on the API was already a thing in Koha. The introduced changes here are: 1) Signal de consumer about this situation in a better way. 2) Add an explicit exception for expired passwords. 3) Allow password change when expired (through a path check and exception) (1) * We prefer snake_case for coded values on the API * I think 'Password expired' reads better but I leave it to native speakers * You should use `error_code => 'password_expired'` instead of changing the 'error' object schema (by adding a new 'passwordmustchange' attribute') (2) Stick to `Koha::Exceptions::Password::Expired` for the exception name (3) This looks good. -- You are receiving this mail because: You are watching all bug changes.