lonnieezell / myth-auth

One-stop Auth package for CodeIgniter 4
MIT License
633 stars 207 forks source link

php spark auth:create_user command not force user to create a password at first login attempt #556

Closed manageruz closed 2 years ago

manageruz commented 2 years ago

According to the documentation create_user command creates the new user with only the username and email fields propagated, so the user will be forced to create a password at first login attempt. But if we have a look to the code of CreateUser.php file:

public function run(array $params = [])
{
        $row = [
            'active'   => 1,
            'password' => bin2hex(random_bytes(24)),
        ];

        $row['username'] = array_shift($params);
         if (empty($row['username'])) {
            $row['username'] = CLI::prompt('Username', null, 'required');
        }

        $row['email'] = array_shift($params);
        if (empty($row['email'])) {
            $row['email'] = CLI::prompt('Email', null, 'required');
        }

        $user = new User($row);
        $users = model(UserModel::class);
        if ($userId = $users->insert($user)) {
        // rest of code ...
}

value for the 'force_pass_reset' not set. Default value is 0. I think we should add $user->forcePasswordReset(); before to save.

MGatner commented 2 years ago

Sounds good to me! Would you send over a Pull Request?

manageruz commented 2 years ago

Yes, of course.