Hello Everyone, n00b module developer here, so please be kind!

I've written a user login action module that checks against custom profile fields to determine the status of imported users, and then redirects them to an appropriate landing page.

I need to determine if the user is logging in for the first time, either by using the one-time link in the registration email or directly logging in using the one-time password sent in the email.

Does anyone know how I can find out if the login event is the first login, so that I can continue to redirect them to the edit account pages to change their password?

As mine is an advanced action, I have both the user object and the context available to me in the function.

Thanks!

Comments

mradcliffe’s picture

The easiest way I was able to do this was by creating an additional role. Users who login are immediately assigned that role (via rules is the easiest). However, this does not mean that the first-time user *will* change their password. Instead you probably are going to have to compare their current password has with whatever the one-time password hash is, and then add them to the role or do whatever from there (less than 50 lines of code for a token module to enable this).

In my experience, users will ignore any warnings if they can use the site properly. Forcing user password changes only works if a user cannot operate the site fully.

jaybee1001’s picture

Thanks for the suggestion, I'll have a play with a temporary role, but I am very surprised that there is nothing I can hook into that flags this as the first login event. I would have thought that Drupal itself needs to know this to process the sign-up?

gwen’s picture

I needed first time login as well and found that my trick of checking if $account->login was set in hook_user()'s "login" case no longer worked in drupal 6, so I did some digging and came up with this alternate:

function example_user($op, &$edit, &$account, $category = NULL) {
  switch ($op) {
    case 'insert':
      $edit['first_time_login'] = 1;
      break;
    case 'login':
      $data = unserialize($account->data);
      if ($data['first_time_login']) {
        user_save($account, array('first_time_login' => 0)); 

        // your custom code

      }
      break;
  }
}

Hope this helps!

neilnz’s picture

This is a good solution, thanks!

I implemented it with a couple of changes though.

Your

$data = unserialize($account->data);
      if ($data['first_time_login']) {

is unnecessary, because Drupal automatically unserializes data into $account, so I just did:

      if ($account->first_time_login) {
        // Do stuff
        user_save($account, array('first_time_login' => null));
      }

Note that if you set first_time_login to null (rather than 0), it'll get deleted from the user table entirely so you don't have a boolean field sitting around forever that is no longer useful.

sirkitree’s picture

Here is a solution I recently came up with for this: http://bit.ly/a6s4Xk


~Professional: Lullabot
~Personal: jeradbitner.com

afox’s picture

For future reference, I created a module to handle future logins with the context-module. http://drupal.org/project/first_login creates a context condition plugin and views handlers as well as couple useful set/get functions for custom handling.

Currently D6 is available, D7 version is coming soon.