Force to change password after xx days

Hi,
One of security policy in our company is changing password after 30 days. Is there any chance to implement that feature in free version? I dont want to sync SeaFile with LDAP.

I know its bad but I have no influence on it :wink:

If you can add some kind of hook to the users change password you could set the same password for Seafile using the API.

https://manual.seafile.com/develop/web_api_v2.1.html#admin-only-update-account

This wouldn’t force changing the password in Seafile but would change it always when the users changes its password in the central system (supposing there is something like that). You could also disable accounts where the password wasn’t changed using the same API call.

HI faust86,

the idea with the api of shoeper is not bad but I would do it other way round.
I would write a script that is checking for every user in the seafile database for the last change of the password.
If it is more then 30 days then the script is changing the password in the database and sends the user an email with a notfication to “reset” the password.

Best regards,
Christoph