Skip to content

1282 force to user to change password #1494

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 26, 2025
Merged

1282 force to user to change password #1494

merged 1 commit into from
Nov 26, 2025

Conversation

@Nayana-R-Gowda
Copy link
Collaborator

@Nayana-R-Gowda Nayana-R-Gowda commented Nov 24, 2025

  • Enforcing a password reset for the user
  • pylint fix

🐛 Bug-fix PR

Before opening this PR please:

  1. make lint - passes ruff, mypy, pylint
  2. make test - all unit + integration tests green
  3. make coverage - ≥ 90 %
  4. make docker docker-run-ssl or make podman podman-run-ssl
  5. Update relevant documentation.
  6. Tested with sqlite and postgres + redis.
  7. Manual regression no longer fails. Ensure the UI and /version work correctly.

💡 Fix Description

How did you solve it? Key design points.

Blocking screen — must change password to proceed

🧪 Verification

Check Command Status
Lint suite make lint pass
Unit tests make test pass

📐 MCP Compliance (if relevant)

  • Matches current MCP spec
  • No breaking change to MCP clients

✅ Checklist

  • Code formatted (make black isort pre-commit)
  • No secrets/credentials committed

@Nayana-R-Gowda Nayana-R-Gowda force-pushed the 1282_force_to_user_to_change_password branch from b8f71e6 to 6afd020 Compare November 26, 2025 05:43
@crivetimihai crivetimihai self-assigned this Nov 26, 2025
@crivetimihai crivetimihai force-pushed the 1282_force_to_user_to_change_password branch 2 times, most recently from 1be2b7b to 29a6973 Compare November 26, 2025 07:53
@crivetimihai
feat: Force users to change password when using default password (#1282)
8f9c712 
Add password change enforcement for users using default passwords or when
password_change_required flag is set:

- Add password_change_required field to EmailUser model with migration
- Check if user is using default password on login and force change
- Add /admin/change-password-required page with form for password change
- Add admin endpoint to force password change for specific users
- Set password_change_required=true for bootstrap admin user
- Return 403 with X-Password-Change-Required header for API login
- Add Force Password Change button to admin user management UI

Closes #1282

Signed-off-by: Mihai Criveti <[email protected]>
@crivetimihai crivetimihai force-pushed the 1282_force_to_user_to_change_password branch from 29a6973 to 8f9c712 Compare November 26, 2025 08:16
@crivetimihai crivetimihai merged commit f6e1b51 into main Nov 26, 2025
45 checks passed
@crivetimihai crivetimihai deleted the 1282_force_to_user_to_change_password branch November 26, 2025 08:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@crivetimihai crivetimihai crivetimihai approved these changes

@kevalmahajan kevalmahajan Awaiting requested review from kevalmahajan

@madhav165 madhav165 Awaiting requested review from madhav165

Assignees

@crivetimihai crivetimihai

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Nayana-R-Gowda @crivetimihai