How to force a user to reset password

Hi @tanner.stirrat,

Thanks for the update.

If you require the password expiration to be applied conditionally, you might need to write a custom post-login action script to handle this scenario.

Here’s a sample code you can use to adapt to your use case:

exports.onExecutePostLogin = async (event, api) => {
  // Get the user's last password reset timestamp
 const lastPasswordReset = event.user.last_password_reset;

  // Check if the last password reset timestamp exists
  if (lastPasswordReset) {
    // Convert lastPasswordReset to a Date object
    const lastResetDate = new Date(lastPasswordReset);

    // Get the current date
    const currentDate = new Date();

    // Calculate the difference in days between the current date and the last password reset
    const daysSinceReset = Math.floor((currentDate - lastResetDate) / (1000 * 60 * 60 * 24));

    // Check if it has been more than 30 days since the last password reset
    if (daysSinceReset > 30) {
      try {
        // Force Password Reset
        await requestPasswordChange(event.user.email, event.connection, event.client.client_id);
      } catch (error) {
        console.error('Failed to send password reset email:', error);
      }
      api.access.deny("Please reset your password to continue to the application.");
    }
  } 
};

const axios = require('axios');

async function requestPasswordChange(email, connection, clientId) {
  const url = 'https://{yourDomain}/dbconnections/change_password'; // Replace {yourDomain} with your actual domain
  const payload = {
    email: email,
    connection: connection,
    client_id: clientId
  };

  try {
    const response = await axios.post(url, payload, {
      headers: {
        'Content-Type': 'application/json'
      }
    });
    console.log('Password change request sent');
  } catch (error) {
    console.error(error);
  }
}

Please note that this piece of code is not 100% ready for production and you must test the code to ensure its functionality meets your requirements.

Thanks,
Rueben