├── logo.png
├── .gitattributes
├── pwdexp
    ├── lang
    │   ├── en
    │   │   └── auth_pwdexp.php
    │   └── nl
    │   │   └── auth_pwdexp.php
    ├── version.php
    ├── README.txt
    ├── config.html
    └── auth.php
├── README.md
└── .gitignore


/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/DBezemer/moodle-auth_pwdexp/Moodle-2/logo.png


--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
 1 | # Auto detect text files and perform LF normalization
 2 | * text=auto
 3 | 
 4 | # Custom for Visual Studio
 5 | *.cs     diff=csharp
 6 | *.sln    merge=union
 7 | *.csproj merge=union
 8 | *.vbproj merge=union
 9 | *.fsproj merge=union
10 | *.dbproj merge=union
11 | 
12 | # Standard to msysgit
13 | *.doc	 diff=astextplain
14 | *.DOC	 diff=astextplain
15 | *.docx diff=astextplain
16 | *.DOCX diff=astextplain
17 | *.dot  diff=astextplain
18 | *.DOT  diff=astextplain
19 | *.pdf  diff=astextplain
20 | *.PDF	 diff=astextplain
21 | *.rtf	 diff=astextplain
22 | *.RTF	 diff=astextplain
23 | 


--------------------------------------------------------------------------------
/pwdexp/lang/en/auth_pwdexp.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | $string['auth_pwdexptitle'] = 'Password Expiration Check';
 3 | $string['auth_pwdexpdescription'] = "This authenticator checks if the user's password needs to expire.<br/>If so, it will set the flag to force the account to change its password and redirect to the given URL.<br/><br/>Be sure to save these settings at least once and after each change.";
 4 | $string['auth_server_settings'] = "Password expiration check settings";
 5 | $string['auth_expirationdays_key'] = "Days until expiry";
 6 | $string['auth_expirationdays'] = "Number of days after which the password needs to expire.";
 7 | $string['auth_redirecturl_key'] = "Redirect URL";
 8 | $string['auth_redirecturl'] = "URL to redirect to when password has expired.";
 9 | $string['pluginname'] = "Password Expiration Check";
10 | ?>


--------------------------------------------------------------------------------
/pwdexp/lang/nl/auth_pwdexp.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | $string['auth_pwdexptitle'] = 'Wachtwoord Wijzig Interval';
 3 | $string['auth_pwdexpdescription'] = "Met deze authenticatie module wordt gecontroleerd of het wachtwoord van de gebruiker moet komen te vervallen.<br/>Indien het opgegeven aantal dagen sinds de laatste keer is verlopen wordt het veranderen van het wachtwoord geforceerd en de gebruiker doorgestuurd naar de opgegeven URL.<br/><br/>Sla deze instellingen minstens eenmaal op en ook na elke verandering.";
 4 | $string['auth_server_settings'] = "Instellingen voor de controle op het laten vervallen van wachtwoorden";
 5 | $string['auth_expirationdays_key'] = "Dagen tot vervallen";
 6 | $string['auth_expirationdays'] = "Het aantal dagen waarna een wachtwoord moet komen te vervallen.";
 7 | $string['auth_redirecturl_key'] = "Redirect URL";
 8 | $string['auth_redirecturl'] = "De URL waar naar toe moet worden gegaan wanneer het wachtwoord is komen te vervallen.";
 9 | $string['pluginname'] = "Wachtwoord Wijzig Interval";
10 | ?>


--------------------------------------------------------------------------------
/pwdexp/version.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | // This file is part of Moodle - http://moodle.org/
 3 | //
 4 | // Moodle is free software: you can redistribute it and/or modify
 5 | // it under the terms of the GNU General Public License as published by
 6 | // the Free Software Foundation, either version 3 of the License, or
 7 | // (at your option) any later version.
 8 | //
 9 | // Moodle is distributed in the hope that it will be useful,
10 | // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 | // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12 | // GNU General Public License for more details.
13 | //
14 | // You should have received a copy of the GNU General Public License
15 | // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
16 | 
17 | /**
18 |  * Version details
19 |  *
20 |  * @package    auth_pwdexp
21 |  * @copyright  UP learning B.V. 2013 www.uplearning.nl
22 |  * @author     Anne Krijger
23 |  * @author     David Bezemer
24 |  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
25 |  */
26 | 
27 | defined('MOODLE_INTERNAL') || die();
28 | 
29 | $plugin->version   = 2014031100;        	// The current plugin version (Date: YYYYMMDDXX)
30 | $plugin->requires  = 2011011400;        	// Requires this Moodle version
31 | $plugin->component = 'auth_pwdexp';       	// Full name of the plugin (used for diagnostics)
32 | $plugin->release = '1.1 (Build: 2014031100)';
33 | $plugin->maturity = MATURITY_STABLE;


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | moodle-auth-pwdexp
 2 | ==================
 3 | 
 4 | A Moodle Auth plugin that handles password expiry
 5 | 
 6 | Introduction
 7 | For a customer of UP learning, a special Authentication Module has been developed to handle password expiry in Moodle environments.
 8 | This plugin can be configured to force users to modify their password at a set interval (in days).
 9 | 
10 | Installing
11 | Place the pwdexp folder into the auth folder. Follow the normal installation procedure as you would for any plugin.
12 | 
13 | Configuration
14 | After installation the authentication module has to be enabled and configured.
15 | Users - Authentication - Manage Authentication will now list the added module as: 'Password Expiration check'
16 | 
17 | On the 'Settings' page there are two configurable options:
18 | 1.	The amount of days for password expiration
19 | 2.	The URL to redirect to when the password has expired (ie Moodle Password change page)
20 | 
21 | Choose enable to activate the plugin, optionally configure the Expirationdays to a value to your desire (in days).
22 | Also configure the page where users should be redirected when their password has expired. To use the default change password page (recommended) enter https://yourdomainname.com/login/change_password.php
23 | 
24 | Remark: Before the plugin is fully active, its settings need to be saved once, after this users will be tracked.
25 | The module will apply to all logged in users, regardless of the authentication plugin order.
26 | For this reason the plugin will enforce a password change for every user logging in after activating the plugin directly, and not after the first interval.
27 | 
28 | Workings
29 | This module stores a password change date in the mdl_user_preferences table in the following format:
30 | - userid
31 | - auth_pwdexp_date
32 | - timestamp (in unixtime)
33 | 
34 | When you login, the plugin will check the timestamp that is stored in the database, and if the value there is older than the password expiration interval, it will insert force_passwordchange = 1 into your user preferences, triggering the Moodle password change.


--------------------------------------------------------------------------------
/pwdexp/README.txt:
--------------------------------------------------------------------------------
 1 | moodle-auth-pwdexp
 2 | ==================
 3 | 
 4 | A Moodle Auth plugin that handles password expiry
 5 | 
 6 | Introduction
 7 | For a customer of UP learning, a special Authentication Module has been developed to handle password expiry in Moodle environments.
 8 | This plugin can be configured to force users to modify their password at a set interval (in days).
 9 | 
10 | Installing
11 | Place the pwdexp folder into the auth folder. Follow the normal installation procedure as you would for any plugin.
12 | 
13 | Configuration
14 | After installation the authentication module has to be enabled and configured.
15 | Users - Authentication - Manage Authentication will now list the added module as: 'Password Expiration check'
16 | 
17 | On the 'Settings' page there are two configurable options:
18 | 1.	The amount of days for password expiration
19 | 2.	The URL to redirect to when the password has expired (ie Moodle Password change page)
20 | 
21 | Choose enable to activate the plugin, optionally configure the Expirationdays to a value to your desire (in days).
22 | Also configure the page where users should be redirected when their password has expired. To use the default change password page (recommended) enter https://yourdomainname.com/login/change_password.php
23 | 
24 | Remark: Before the plugin is fully active, its settings need to be saved once, after this users will be tracked.
25 | The module will apply to all logged in users, regardless of the authentication plugin order.
26 | For this reason the plugin will enforce a password change for every user logging in after activating the plugin directly, and not after the first interval.
27 | 
28 | Workings
29 | This module stores a password change date in the mdl_user_preferences table in the following format:
30 | - userid
31 | - auth_pwdexp_date
32 | - timestamp (in unixtime)
33 | 
34 | When you login, the plugin will check the timestamp that is stored in the database, and if the value there is older than the password expiration interval, it will insert force_passwordchange = 1 into your user preferences, triggering the Moodle password change.


--------------------------------------------------------------------------------
/pwdexp/config.html:
--------------------------------------------------------------------------------
 1 | <?php
 2 | // This file is part of Moodle - http://moodle.org/
 3 | //
 4 | // Moodle is free software: you can redistribute it and/or modify
 5 | // it under the terms of the GNU General Public License as published by
 6 | // the Free Software Foundation, either version 3 of the License, or
 7 | // (at your option) any later version.
 8 | //
 9 | // Moodle is distributed in the hope that it will be useful,
10 | // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 | // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12 | // GNU General Public License for more details.
13 | //
14 | // You should have received a copy of the GNU General Public License
15 | // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
16 | 
17 | /**
18 |  * Version details
19 |  *
20 |  * @package    auth_pwdexp
21 |  * @copyright  UP learning B.V. 2013 www.uplearning.nl
22 |  * @author     Anne Krijger
23 |  * @author     David Bezemer
24 |  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
25 |  */
26 | 
27 | // set to defaults if undefined
28 | if (!isset ($config->expirationdays)) {
29 |     $config->expirationdays = 30;
30 | }
31 | if (!isset ($config->redirecturl)) {
32 |     $config->redirecturl = $CFG->httpswwwroot .'/login/change_password.php';
33 | }
34 | 
35 | ?>
36 | <table cellspacing="0" cellpadding="5" border="0">
37 | 	
38 | <tr>
39 |    <td colspan="2">
40 |         <h4><?php print_string('auth_server_settings', 'auth_pwdexp') ?> </h4>
41 |    </td>
42 | </tr>
43 | 
44 | <tr valign="top">
45 |     <td align="left"><?php print_string('auth_expirationdays_key', 'auth_pwdexp') ?>: </td>
46 |     <td>
47 |         <input name="expirationdays" type="text" size="10" value="<?php echo $config->expirationdays ?>" />
48 |         <?php
49 | 
50 |         if (isset($err['expirationdays'])) {
51 |             formerr($err['expirationdays']);
52 |         }
53 | 
54 |         ?>
55 |         </td>
56 |     <td><?php print_string('auth_expirationdays', 'auth_pwdexp') ?></td>
57 | </tr>
58 | 
59 | <tr valign="top">
60 |     <td align="left"><?php print_string('auth_redirecturl_key', 'auth_pwdexp') ?>: </td>
61 |     <td>
62 |         <input name="redirecturl" type="text" size="75" value="<?php echo $config->redirecturl ?>" />
63 |         <?php
64 | 
65 |         if (isset($err['redirecturl'])) {
66 |             formerr($err['redirecturl']);
67 |         }
68 | 
69 |         ?>
70 |         </td>
71 |     <td><?php print_string('auth_redirecturl', 'auth_pwdexp') ?></td>
72 | </tr>
73 | 
74 | </table>


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
  1 | #################
  2 | ## Eclipse
  3 | #################
  4 | 
  5 | *.pydevproject
  6 | .project
  7 | .metadata
  8 | bin/
  9 | tmp/
 10 | *.tmp
 11 | *.bak
 12 | *.swp
 13 | *~.nib
 14 | local.properties
 15 | .classpath
 16 | .settings/
 17 | .loadpath
 18 | 
 19 | # External tool builders
 20 | .externalToolBuilders/
 21 | 
 22 | # Locally stored "Eclipse launch configurations"
 23 | *.launch
 24 | 
 25 | # CDT-specific
 26 | .cproject
 27 | 
 28 | # PDT-specific
 29 | .buildpath
 30 | 
 31 | 
 32 | #################
 33 | ## Visual Studio
 34 | #################
 35 | 
 36 | ## Ignore Visual Studio temporary files, build results, and
 37 | ## files generated by popular Visual Studio add-ons.
 38 | 
 39 | # User-specific files
 40 | *.suo
 41 | *.user
 42 | *.sln.docstates
 43 | 
 44 | # Build results
 45 | [Dd]ebug/
 46 | [Rr]elease/
 47 | *_i.c
 48 | *_p.c
 49 | *.ilk
 50 | *.meta
 51 | *.obj
 52 | *.pch
 53 | *.pdb
 54 | *.pgc
 55 | *.pgd
 56 | *.rsp
 57 | *.sbr
 58 | *.tlb
 59 | *.tli
 60 | *.tlh
 61 | *.tmp
 62 | *.vspscc
 63 | .builds
 64 | *.dotCover
 65 | 
 66 | ## TODO: If you have NuGet Package Restore enabled, uncomment this
 67 | #packages/
 68 | 
 69 | # Visual C++ cache files
 70 | ipch/
 71 | *.aps
 72 | *.ncb
 73 | *.opensdf
 74 | *.sdf
 75 | 
 76 | # Visual Studio profiler
 77 | *.psess
 78 | *.vsp
 79 | 
 80 | # ReSharper is a .NET coding add-in
 81 | _ReSharper*
 82 | 
 83 | # Installshield output folder
 84 | [Ee]xpress
 85 | 
 86 | # DocProject is a documentation generator add-in
 87 | DocProject/buildhelp/
 88 | DocProject/Help/*.HxT
 89 | DocProject/Help/*.HxC
 90 | DocProject/Help/*.hhc
 91 | DocProject/Help/*.hhk
 92 | DocProject/Help/*.hhp
 93 | DocProject/Help/Html2
 94 | DocProject/Help/html
 95 | 
 96 | # Click-Once directory
 97 | publish
 98 | 
 99 | # Others
100 | [Bb]in
101 | [Oo]bj
102 | sql
103 | TestResults
104 | *.Cache
105 | ClientBin
106 | stylecop.*
107 | ~$*
108 | *.dbmdl
109 | Generated_Code #added for RIA/Silverlight projects
110 | 
111 | # Backup & report files from converting an old project file to a newer
112 | # Visual Studio version. Backup files are not needed, because we have git ;-)
113 | _UpgradeReport_Files/
114 | Backup*/
115 | UpgradeLog*.XML
116 | 
117 | 
118 | 
119 | ############
120 | ## Windows
121 | ############
122 | 
123 | # Windows image file caches
124 | Thumbs.db
125 | 
126 | # Folder config file
127 | Desktop.ini
128 | 
129 | 
130 | #############
131 | ## Python
132 | #############
133 | 
134 | *.py[co]
135 | 
136 | # Packages
137 | *.egg
138 | *.egg-info
139 | dist
140 | build
141 | eggs
142 | parts
143 | bin
144 | var
145 | sdist
146 | develop-eggs
147 | .installed.cfg
148 | 
149 | # Installer logs
150 | pip-log.txt
151 | 
152 | # Unit test / coverage reports
153 | .coverage
154 | .tox
155 | 
156 | #Translations
157 | *.mo
158 | 
159 | #Mr Developer
160 | .mr.developer.cfg
161 | 
162 | # Mac crap
163 | .DS_Store
164 | 


--------------------------------------------------------------------------------
/pwdexp/auth.php:
--------------------------------------------------------------------------------
  1 | <?php
  2 | /**
  3 |  *
  4 |  * @package    auth
  5 |  * @subpackage pwdexp
  6 |  * @copyright  2013 UP learning B.V.
  7 |  * @author     Anne Krijger & David Bezemer info@uplearning.nl
  8 |  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  9 |  *
 10 |  *
 11 |  * Authentication Plugin: Password Expire Authentication
 12 |  * 
 13 |  * Check if user has property auth_pwdexp_date set.
 14 |  * If not assume the password has expired
 15 |  * If date is set, check if it is today or earlier
 16 |  *  if so, password is expired
 17 |  * If Password is expired
 18 |  *  set new auth_pwdexp_date to today + #days as defined (default 30 days)
 19 |  *  force password reset and redirect to defined URL (default change password page)
 20 |  *   
 21 |  */
 22 | 
 23 | if (!defined('MOODLE_INTERNAL')) {
 24 |     die('Direct access to this script is forbidden.');    ///  It must be included from a Moodle page
 25 | }
 26 | 
 27 | define('PREF_FIELD_AUTH_PWDEXP_DATE', 'auth_pwdexp_date');
 28 | 
 29 | require_once($CFG->libdir.'/authlib.php');
 30 | 
 31 | /**
 32 |  * Password Expire authentication plugin.
 33 |  */
 34 | class auth_plugin_pwdexp extends auth_plugin_base {
 35 | 
 36 |     /**
 37 |      * Constructor.
 38 |      */
 39 |     function auth_plugin_pwdexp() {
 40 |         $this->authtype = 'pwdexp';
 41 |         $this->config = get_config('auth/pwdexp');
 42 |     }
 43 | 
 44 | 
 45 |     /**
 46 |      * Returns false since username password is not checked yet.
 47 |      *
 48 |      * @param string $username The username (with system magic quotes)
 49 |      * @param string $password The password (with system magic quotes)
 50 |      * @return bool Authentication success or failure.
 51 |      */
 52 |     function user_login ($username, $password) {
 53 |        return false;
 54 |     }
 55 | 
 56 |     /**
 57 |      * Post authentication hook.
 58 |      * This method is called from authenticate_user_login() for all enabled auth plugins.
 59 |      *
 60 |      * @param object $user user object, later used for $USER
 61 |      * @param string $username (with system magic quotes)
 62 |      * @param string $password plain text password (with system magic quotes)
 63 |      *
 64 |      * Hook is used to check if password needs to expire and if so
 65 |      * expired it and redirect to defined page (default new password page)
 66 |      * 
 67 |      */
 68 |     function user_authenticated_hook(&$user, $username, $password) {
 69 |     	$this->checkPasswordExpiration($user, $username, $password); 
 70 |     }
 71 |        
 72 |     /**
 73 |      * Password expiration check
 74 |      * Check if password needs to expire and if so
 75 |      * expired it and redirect to defined page (default new password page)
 76 |      *
 77 |      * @param object $user user object, later used for $USER
 78 |      * @param string $username (with system magic quotes)
 79 |      * @param string $password plain text password (with system magic quotes)
 80 |      * 
 81 |      */
 82 |     function checkPasswordExpiration(&$user, $username, $password) {
 83 |     	global $SESSION,$USER;
 84 |         $config = get_config('auth/pwdexp');
 85 |         $today = mktime(0, 0, 0, date("m")  , date("d"), date("Y"));
 86 |         // default date to -1 so if not found always before today
 87 |         $passwordExpDate = get_user_preferences(PREF_FIELD_AUTH_PWDEXP_DATE, -1, $user->id);
 88 |     	// If not settings found don't expire otherwise check date
 89 |         $passwordExpired = (($config != null && $config !== false) && ($passwordExpDate <= $today));
 90 |         if ($passwordExpired && ($user->auth == 'manual')) {
 91 |         	$expirationdays = $config->expirationdays;
 92 |         	$redirecturl = $config->redirecturl; 
 93 |         	
 94 |         	// force new password
 95 |         	set_user_preference('auth_forcepasswordchange', 1, $user->id);
 96 |         	
 97 |         	// set new date
 98 |         	$newexpdate = mktime(0, 0, 0, date("m")  , (date("d") + $expirationdays), date("Y"));
 99 |         	set_user_preference(PREF_FIELD_AUTH_PWDEXP_DATE, $newexpdate, $user->id);
100 |         	
101 |         	// redirect when done
102 |         	$SESSION->wantsurl = $redirecturl;
103 |         }
104 |     }
105 |     
106 |     /**
107 |      * Prints a form for configuring this authentication plugin.
108 |      *
109 |      * This function is called from admin/auth.php, and outputs a full page with
110 |      * a form for configuring this plugin.
111 |      *
112 |      * @param array $page An object containing all the data for this page.
113 |      */
114 |     function config_form($config, $err, $user_fields) {
115 |         include "config.html";
116 |     }
117 | 
118 |     /**
119 |      * Processes and stores configuration data for this authentication plugin.
120 |      */
121 |     function process_config($config) {
122 |     	global $CFG;
123 |         // set to defaults if undefined
124 |         if (!isset ($config->expirationdays)) {
125 |             $config->expirationdays = 30;
126 |         }
127 |         if (!isset ($config->redirecturl)) {
128 |             $config->redirecturl = $CFG->httpswwwroot .'/login/change_password.php';
129 |         }
130 | 
131 |         // save settings
132 |         set_config('expirationdays', $config->expirationdays, 'auth/pwdexp');
133 |         set_config('redirecturl', $config->redirecturl, 'auth/pwdexp');
134 |         
135 |         return true;
136 |     }
137 | }
138 | ?>


--------------------------------------------------------------------------------