New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

配置了密码有效期,升级到3.2.0后用户无法登陆 #145

Closed
apexliu opened this Issue Jan 14, 2019 · 1 comment

Comments

1 participant
@apexliu
Copy link
Contributor

apexliu commented Jan 14, 2019

现象:

  • 升级到3.2.0版时,如果之前版本在后台管理界面配置了用户密码有效期,升级之后可能无法登陆。

原因:

  • 3.2.0版本实现了密码有效期检查;
  • 早期版本的密码有效期功能并未实现,因此即使已经过期,也不会禁止登陆,升级到3.2.0版时密码早已过期,导致无法登陆;
  • 早期的某些版本创建用户时,并未设置用户的“密码的最后修改时间”为创建时间,默认值为0,因此升级到3.2.0版本后,密码时钟处于过期状态,导致无法登陆;

临时解决办法:

  • 如果有配置邮件服务,可以自行重置密码,然后再登录;
  • 或,修改数据库,将密码有效期的配置项设为0,关闭此特性;
  • 或,修改数据库,将管理员的密码最后修改时间设为当前时间,然后管理员登录,并为其他用户重置密码;

下个版本进行修正:

  • 密码已经过期时,用户在登录界面登录后会跳转到修改密码界面,必须先修改密码后方可继续使用。

@apexliu apexliu added the bug label Jan 14, 2019

@apexliu apexliu self-assigned this Jan 14, 2019

@apexliu apexliu added this to 正在执行 in TELEPORT Jan 14, 2019

@apexliu

This comment has been minimized.

Copy link
Contributor Author

apexliu commented Jan 15, 2019

已在 f341991 修正。

@apexliu apexliu closed this Jan 23, 2019

@apexliu apexliu moved this from 正在执行 to 已完成 in TELEPORT Jan 23, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment