I’ll try to describe what I need and the difficulty I have.
ChallengeWhen user logs in, check password strength and if it is weak, do one of these, until the user changes the password with a strong one:
- Show a message (popup) only once after every login.
- Or, redirect to change password app (custom app), only after login.
If password is strong enough, continue to general default app.
What I triedI wrote a custom app to do this (types: authentication and prelogin). And tried the following approaches:
- Check password strength and save result on the database for later use. (DONE)
- Set a hook on post_login. (DONE)
- Make the hook do a redirect or popup (DON’T KNOW HOW)
- Popup: Copy code from firstrunwizard, couldn’t make it to work and it’s not recommended to load scripts on “app.php”. (NOT WORKING)
- Redirect: Go to custom app if password is weak. (DON’T KNOW HOW)
- Redirect: Change user landing page if password is weak. (DON’T KNOW HOW)
Another option could be to move this logic to a modified firstrunwizard…
Any hint is welcome.