usermanager, mod_auth_*: Add get_account_info() returning creation/update time This is useful for a number of things. For example, listing users that need to rotate their passwords after some event. It also provides a safer way for code to determine that a user password has changed without needing to set a handler for the password change event (which is a more fragile approach).

author: Matthew Wild <mwild1@gmail.com>
date: Tue, 12 Jul 2022 13:14:47 +0100
parent: 12355:a0ff5c438e9d
child: 12669:aed38948791f
--- a/plugins/mod_auth_internal_hashed.lua	Wed Jun 15 23:04:17 2022 +0200
+++ b/plugins/mod_auth_internal_hashed.lua	Tue Jul 12 13:14:47 2022 +0100
@@ -86,11 +86,21 @@
 		account.server_key = server_key_hex
 
 		account.password = nil;
+		account.updated = os.time();
 		return accounts:set(username, account);
 	end
 	return nil, "Account not available.";
 end
 
+function provider.get_account_info(username)
+	local account = accounts:get(username);
+	if not account then return nil, "Account not available"; end
+	return {
+		created = account.created;
+		password_updated = account.updated;
+	};
+end
+
 function provider.user_exists(username)
 	local account = accounts:get(username);
 	if not account then
@@ -115,9 +125,11 @@
 	end
 	local stored_key_hex = to_hex(stored_key);
 	local server_key_hex = to_hex(server_key);
+	local now = os.time();
 	return accounts:set(username, {
 		stored_key = stored_key_hex, server_key = server_key_hex,
-		salt = salt, iteration_count = default_iteration_count
+		salt = salt, iteration_count = default_iteration_count,
+		created = now, updated = now;
 	});
 end