Commit b43062ad authored by Committed by Nigel McNie
Added checking for if a user's account is expired or suspended, and check
those things at the appropriate moments. Suspended/expired users can't log in. Made sure that password change checking is done in the correct places when a user has logged in. Fixed some subtle authentication bugs, such as when a session times out immediately after logging in, where before the behaviour was undefined.
Showing with 60 additions and 15 deletions