Hi @tanner.stirrat,
Thanks for the update.
If you require the password expiration to be applied conditionally, you might need to write a custom post-login action script to handle this scenario.
Here’s a sample code you can use to adapt to your use case:
exports.onExecutePostLogin = async (event, api) => {
// Get the user's last password reset timestamp
const lastPasswordReset = event.user.last_password_reset;
// Check if the last password reset timestamp exists
if (lastPasswordReset) {
// Convert lastPasswordReset to a Date object
const lastResetDate = new Date(lastPasswordReset);
// Get the current date
const currentDate = new Date();
// Calculate the difference in days between the current date and the last password reset
const daysSinceReset = Math.floor((currentDate - lastResetDate) / (1000 * 60 * 60 * 24));
// Check if it has been more than 30 days since the last password reset
if (daysSinceReset > 30) {
try {
// Force Password Reset
await requestPasswordChange(event.user.email, event.connection, event.client.client_id);
} catch (error) {
console.error('Failed to send password reset email:', error);
}
api.access.deny("Please reset your password to continue to the application.");
}
}
};
const axios = require('axios');
async function requestPasswordChange(email, connection, clientId) {
const url = 'https://{yourDomain}/dbconnections/change_password'; // Replace {yourDomain} with your actual domain
const payload = {
email: email,
connection: connection,
client_id: clientId
};
try {
const response = await axios.post(url, payload, {
headers: {
'Content-Type': 'application/json'
}
});
console.log('Password change request sent');
} catch (error) {
console.error(error);
}
}
Please note that this piece of code is not 100% ready for production and you must test the code to ensure its functionality meets your requirements.
Thanks,
Rueben