Users logging in past the temporary invitation expiry date
danmurf - May 9, 2008 - 18:17
| Project: | Temporary Invitation |
| Version: | 5.x-2.2 |
| Component: | Miscellaneous |
| Category: | task |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Jump to:
Description
Hi
Is there a way user accounts can be deleted/blocked once their invitation has expired? It seems that it's only the invitation that expires, not the user account. So, if the user logs in, changes their email/password, they can continue to log in past the temporary invitation period. Is there anyway to get around this?
Many thanks
#1
Oh wow, I didn't consider that users could log in with their normal accounts as well.
Temporary Invitation (or rather, Login Ticket API) checks if invitations (i.e. login tickets) are expired even though the account still exists. That falls down when the user doesn't log in using the login code, though.
This issue will definitely be tackled during the Drupal 6 port of this module, maybe even before I port it so that the changes can be fed back to the Drupal 5 version.