I want to be able to set an option in the user's settings that forces them to change their password upon the next login to the admin interface. Is this possible? How would it go about being implemented? I'm using the default auth model right now but not opposed to modifying or changing it. Thanks for any help.
views:
48answers:
1
+3
Q:
Is it possible to implement a "change password at next logon" type feature in the django admin?
+1
A:
From a thread on the Django Users mailing list:
This isn't ideal, but it should work (or prompt someone to propose something better).
Add a one-to-one table for the user, with a field containing the initial password (encrypted, of course, so it looks like the password in the
auth_usertable).When the user logs in, have the login page check to see if the passwords match. If they do, redirect to the password change page instead of the normal redirect page.
Dominic Rodger
2010-01-19 13:12:48
Would that prevent users from simply navigating away from the change password page and going somewhere else? (without ever changing their password)
bparker
2010-01-19 14:54:58