Ticket Navigation

Ticket #4634 (reopened enhancement)

Opened 1 year ago

Last modified 11 months ago

User account expiry date, stored in sf_guard_user table

Reported by:	hal	Assigned to:	fabien
Priority:	minor	Milestone:	plugins
Component:	sfGuardPlugin	Version:
Keywords:		Cc:
Qualification:	Unreviewed

Description

Although a great plugin, sfGuard lacks the useful ability to expire a user account, available on most authentication systems. Although sfGuard could obviously be extended to provide this functionality using sfGuardUserProfile, the sfGuardUserProfile table does not seem the correct place to store this data, as the value would need to be checked *every* time a user logs in. If it is stored in the profile, then two tables must be queried compared with just one if it were stored in the sfGuardUser table.

When a user's user/pw credentials match, the user should only be authenticated if the current date is not greater than the account expiry date.

Change History

01/23/09 08:18:37 changed by fabien

status changed from new to closed.
resolution set to wontfix.

This won't be added in the plugin as we cannot add every other feature in it. As you said, it is fairly easy to implement in the profile class.

01/23/09 10:30:53 changed by hal

status changed from closed to reopened.
resolution deleted.

This response is very disappointing. The point is, the profile table is the wrong place for it, as it needs to be checked *every* single time a user logs on, and affects performance if it is located elsewhere. It is this that should be the factor used to decide whether or not to integrate a feature, to ensure that it is a plugin that will be useful to people in the long term.

04/28/09 15:58:30 changed by Rubino

Does sfGuard raise an event Pre/Post signin? It would make it easier to implement this kind of functionality more generically if it did.

Download in other formats:

Comma-delimited Text
Tab-delimited Text
RSS Feed

Development

#4634 (User account expiry date, stored in sf_guard_user table)