Purpose
...
- is at least 12 characters long;
- contains both upper- and lowercase letters, numbers, and special characters.
Must be enforced by a regular expression.
In case of error, return a 422 error (message: "Password does not meet complexity requirements").
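The complexity rule and the 422 response above, as an added Python example that is not part of this spec: the whole policy is expressed as one anchored regular expression, and the response body reuses the page's error message. The set of "special characters" is an assumption, since the page does not define it.

```python
import re

# Added example (not the spec's own code). Each lookahead requires one character
# class; the final .{12,} enforces the minimum length. "Special character" is
# assumed here to mean ASCII punctuation, since the spec does not define it.
PASSWORD_RE = re.compile(
    r"^(?=.*[a-z])"           # at least one lowercase letter
    r"(?=.*[A-Z])"            # at least one uppercase letter
    r"(?=.*[0-9])"            # at least one digit
    r"(?=.*[!-/:-@\[-`{-~])"  # at least one ASCII punctuation character (assumed set)
    r".{12,}$"                # total length at least 12
)

# Error body returned on failure; status code and message come from the spec.
COMPLEXITY_ERROR = {
    "status": 422,
    "message": "Password does not meet complexity requirements",
}


def validate_password(password: str) -> dict:
    """Return {"status": 200} when the password satisfies the policy,
    otherwise the 422 error body defined above."""
    # fullmatch requires the pattern to consume the entire string, so a
    # trailing newline cannot slip past the "$" anchor as it can with re.match.
    if PASSWORD_RE.fullmatch(password):
        return {"status": 200}
    return COMPLEXITY_ERROR


if __name__ == "__main__":
    # Constructed sample inputs: one per failure mode, plus a valid password.
    for candidate in ("Tr0ub4dor&3",          # too short
                      "alllowercase1234!",    # no uppercase letter
                      "NoSpecialChars12",     # no special character
                      "Correct-Horse-Battery-9"):
        print(repr(candidate), "->", validate_password(candidate))
```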
...
Destination | Source | Description |
---|---|---|
id | Autogenerated | |
user_id | $.user_id | Extract user from token |
password | $.decrypted_hash | |
inserted_at | Timestamp: now() | Get current date-time |
3. Do not allow reuse of recently used passwords
...
- Each time a user logs into the system, check the condition:
  - now() <= mithril.users.password_expires_at - config.password_to_change
  - if the condition is false:
    - show the message 'Your password expires soon. Please change it to a new one.'
...
- set expires_at=now() for all tokens where tokens.name='refresh_token' and tokens.user_id=$user.id
- don't send access_token in the response from {{host}}/oauth/tokens until the password has been changed. Show the message "The password must be changed".