Compatability with Guardian module

Created on 18 April 2023, almost 2 years ago

Problem/Motivation

The Guardian module, guards account so that passwords cannot be edited in the interface. If simple pass reset is turned on, this is circumvented by requesting a new password for the guarded account.

Steps to reproduce

Turn on the Guardian module.
Request a password via "/user/password" for user 1
Click on the link in the e-mail to reset your password
Now you can change the password for user 1 and this should not be the case

Proposed resolution

Detect if the Guardian module is used and if you try to login with a guarded account follow the regular process to login and skip the simple pass reset functionality.

✨ Feature request

Status

Active

Version

1.1

Component

Code

Created by

🇳🇱Netherlands mike.vindicate

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @mike.vindicate
Comment almost 2 years ago →
🇳🇱Netherlands mike.vindicate
Attached patch that implements solution to skip simple pass reset when guardian is used for guarded accounts.
Comment 5 months ago →
🇳🇱Netherlands mike.vindicate
Updated patch to be compatible with 1.3
Comment 3 months ago →
🇧🇪Belgium tim-diels Belgium 🇧🇪
So if I understand correctly, the 2 modules can work next to each other but should not do anything when Guardian is activated for an account? Would be good to have some kind of test or at least someone else can review this?

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024