Support password policy validation to update password expiration.

Created on 15 April 2025, 14 days ago

Problem/Motivation

The Password Policy module expects either a login via a one-time login link—setting the user_pass_reset form state variable—or that the user provides both the current and a new password. Currently, the Simple Password Reset flow does neither of these.

Reference:
https://git.drupalcode.org/project/password_policy/-/blob/4.0.x/password...

Steps to reproduce

Set up a password expiration policy using Password Policy.
Use Simple Password Reset to change a user's password.
Observe that the password expiration date is not updated.

Proposed resolution

Set the user_pass_reset form state variable during the Simple Password Reset process. This allows Password Policy to recognize the reset context and update the expiration date accordingly during validation.

Reference for user_pass_reset:
https://git.drupalcode.org/project/drupal/-/blob/10.4.x/core/modules/use...

🐛 Bug report

Status

Active

Version

1.4

Component

Code

Created by

🇳🇱Netherlands willempje2

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @willempje2
Comment 14 days ago →
🇳🇱Netherlands willempje2
Comment 14 days ago →
🇳🇱Netherlands willempje2

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024