1 files changed, 41 insertions, 1 deletions

diff --git a/ishtar_common/views.py b/ishtar_common/views.py
index b6b58fe05..f5a58afad 100644
--- a/ishtar_common/views.py
+++ b/ishtar_common/views.py
@@ -31,9 +31,13 @@ from django.apps import apps
 from django.conf import settings
 from django.contrib.auth import logout
 from django.contrib.auth.decorators import login_required
-from django.contrib.auth.views import redirect_to_login, LoginView as AuthLoginView
+from django.contrib.auth.views import redirect_to_login, LoginView as AuthLoginView, \
+    PasswordChangeView as AuthPasswordChangeView, \
+    PasswordResetConfirmView as AuthPasswordResetConfirmView, \
+    LogoutView as AuthLogoutView
 from django.contrib.contenttypes.models import ContentType
 from django.core.exceptions import ObjectDoesNotExist
+from django.core.cache import cache
 from django.db.models import Q
 from django.template import loader
 from django.forms.models import modelformset_factory
@@ -171,6 +175,42 @@ class LoginView(AuthLoginView):
     form_class = forms.AuthenticationForm
 
 
+class LogoutView(AuthLogoutView):
+    def get(self, request, *args, **kwargs):
+        # clear cache
+        keys = []
+        if request.user and hasattr(request.user, "pk") and request.user.pk:
+            keys.append(f"{settings.PROJECT_SLUG}-password_expired-{request.user.pk}")
+        for key in keys:
+            cache.delete(key)
+        return super().get(request, *args, **kwargs)
+
+
+def update_password_last_update(user):
+    try:
+        ishtar_user = models.IshtarUser.objects.get(pk=user.pk)
+    except models.IshtarUser.DoesNotExist:
+        return
+    ishtar_user.password_last_update = datetime.date.today()
+    ishtar_user.save()
+    key = f"{settings.PROJECT_SLUG}-password_expired-{ishtar_user.pk}"
+    cache.set(key, False, settings.CACHE_TIMEOUT)
+
+
+class PasswordChangeView(AuthPasswordChangeView):
+    def form_valid(self, form):
+        returned = super().form_valid(form)
+        update_password_last_update(form.user)
+        return returned
+
+
+class PasswordResetConfirmView(AuthPasswordResetConfirmView):
+    def form_valid(self, form):
+        returned = super().form_valid(form)
+        update_password_last_update(form.user)
+        return returned
+
+
 person_search_wizard = wizards.PersonSearch.as_view(
     [("general-person_search", forms.PersonFormSelection)],
     label=_("Person search"),