search

petabi / review-database

Storage subsystem for REview
Apache License 2.0
1 stars 7 forks source link

Introduce `PasswordPolicy` for password expiration period #326

Closed henry0715-dev closed 2 months ago

henry0715-dev commented 3 months ago

Pre-work is required in "Review-Database" to add password-related logic in "Review-WEB". The account policy to be added is as follows: b"password expiration period".

expiry_period_in_secs This seems to be being used as a value for the expiration of the login session. I need to save a different value so that you can check the password expiration date.

We need to implement CRUD functionality for the value of "password expiration period." To achieve this, it is necessary to determine whether to add a new field to the AccountPolicy or to declare a separate structure for this purpose.

  1. Adding a new field: Modify all the functions that are currently in use. 
    #[derive(Serialize, Deserialize)]
pub struct AccountPolicy {
pub(crate) expiry_period_in_secs: u32,
pub(crate) expiry_password_period_in_days: u32,
}
  2. Adding a new structure 
    #[derive(Serialize, Deserialize)]
pub struct PasswordPolicy {
pub(crate) expiry_password_period_in_days: u32,
}

I would like to ask for your opinion on which approach, between option 1 and option 2, would be preferable for implementation. Henry is scheduled to carry out this task.

reference https://github.com/aicers/review-web/issues/41 https://github.com/aicers/review-web/issues/42

henry0715-dev commented 2 months ago

I'll work with option 2.

sophie-cluml commented 2 months ago

I think https://github.com/aicers/review-web/issues/41 suggests option 2, and I agree with your choice.

henry0715-dev commented 2 months ago

We plan to proceed after the #100 issue is processed, so we will close the current issue.