Download the PHP package robinbrackez/password-expiration-bundle without Composer
On this page you can find all versions of the php package robinbrackez/password-expiration-bundle. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download robinbrackez/password-expiration-bundle
More information about robinbrackez/password-expiration-bundle
Files in robinbrackez/password-expiration-bundle
Package password-expiration-bundle
Short Description Symfony bundle to enforce users to change their password periodically.
License MIT
Homepage https://www.github.com/robinbrackez/password-expiration-bundle
Informations about the package password-expiration-bundle
Password Expiration Bundle
About
Symfony bundle to enforce users to change their password every X days, and keeps track when the password was changed.
The bundle won't allow to user to navigate to any page unless they change their password.
It can be integrated with EasyAdmin bundle, but it's not a requirement.
This is meant for Symfony projects that use the MVC pattern, not for apis.
It doesn't support multiple login methods, so sites that have different login pages for admins and users are not supported.
Install
composer req robinbrackez/password-expiration-bundle
Add the bundle to config/bundles.php
Add to your User class:
implements RobinBrackez\PasswordExpirationBundle\User\PasswordExpirableInterfaceuse RobinBrackez\PasswordExpirationBundle\User\PasswordExpirableTrait
For instance:
Create and run migrations to add the password_changed_at field to the User table.
There needs to be a property called 'password' inside your User entity, this is necessary for the listener to check on.
Config:
- changePasswordRouteName: the name of the route to change your password
- passwordMaxDaysOld: the age in days when users need to change their password
- easyadmin.changePasswordControllerName: when working with EasyAdmin, pass the FQDN of the controller that handles changing passwords
- easyadmin.changePasswordControllerActionName: when working with EasyAdmin, pass the action name of the controller that handles changing passwords
For instance:
If you don't have EasyAdmin, omit the easyadmin related parameters
Only GET requests
It only forwards GET requests, not POSTS or so, to avoid that users get the change password screen when they submitted a form and would lose their changes.
Versioning
Works with Symfony 5.4 and 6.x
Not yet a Symfony 7.x branch
Symfony 6.4 may get deprecate notices.
All versions of password-expiration-bundle with dependencies
symfony/framework-bundle Version ^5.4|^6.0
symfony/security-bundle Version ^5.4|^6.0
symfony/security-core Version ^5.4|^6.0
doctrine/orm Version ^2.6