xref: /plugin/pureldap/action/expiry.php (revision fde03b26149f0ebff6109fe8c2d86025aab47455) 
1<?php
2
3/**
4 * DokuWiki Plugin pureldap (Action Component)
5 *
6 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
7 * @author  Andreas Gohr <andi@splitbrain.org>
8 */
9class action_plugin_pureldap_expiry extends \dokuwiki\Extension\ActionPlugin
10{
11    /** @inheritDoc */
12    public function register(Doku_Event_Handler $controller)
13    {
14        global $conf;
15        // the plugin might be enabled, but not used
16        if ($conf['authtype'] !== 'authpureldap') return;
17
18        $controller->register_hook('DOKUWIKI_STARTED', 'AFTER', $this, 'handlePasswordExpiry');
19    }
20
21    /**
22     * Handle password expiry
23     *
24     * On each page load, check if the user's password is about to expire and display a warning if so.
25     *
26     * @see https://www.dokuwiki.org/devel:events:DOKUWIKI_STARTED
27     * @param Doku_Event $event Event object
28     * @param mixed $param optional parameter passed when event was registered
29     * @return void
30     */
31    public function handlePasswordExpiry(Doku_Event $event, $param)
32    {
33        global $auth;
34        global $ID;
35        global $lang;
36        global $INPUT;
37
38        $user = $INPUT->server->str('REMOTE_USER');
39        if (!$user) return; // no user logged in
40        $userdata = $auth->getUserData($user);
41
42        $warn = $auth->client->getConf('expirywarn'); // days before expiry to warn
43        if (!$warn) return; // no warning configured
44        $max = $auth->client->getMaxPasswordAge(); // max password age in seconds
45        if (!$max) return; // no max password age configured
46        $lastchange = $userdata['lastpwd'] ?? 0; // last password change timestamp
47        if (!$lastchange) return;
48        $expires = $userdata['expires'] ?? false; // password expires
49        if (!$expires) return;
50
51        $warn = $warn * 24 * 60 * 60; // convert to seconds
52        $expiresin = ($lastchange + $max) - time(); // seconds until password expires
53        if ($expiresin > $warn) return; // not yet time to warn
54        $days = ceil($expiresin / (24 * 60 * 60)); // days until password expires
55
56        // prepare and show message
57        $msg = sprintf($this->getLang('pwdexpire'), $days);
58        if ($auth->canDo('modPass')) {
59            $url = wl($ID, ['do' => 'profile']);
60            $msg .= ' <a href="' . $url . '">' . $lang['btn_profile'] . '</a>';
61        }
62        msg($msg);
63    }
64}
65
66