Make password expiration possible for all users

[stanim]

For our application we need password expiration for all users. In order to implement this we would introduce a new setting: ACCOUNT_PASSWORD_EXPIRY_SKIP (string) which would default to "staff" for backwards compatibility. Other values could be: "none" and "superuser". This would be coded in ExpiredPasswordMiddleware.

We could provide a pull request if the project is open to it. Let us know what you think.

[ekobayu]

Hi @stanim , Sorry maybe I'm in wrong room, I want to ask about password expiry. I have been setup and followed instructions in here https://django-user-accounts.readthedocs.io/en/latest/usage.html#enabling-password-expiration

But nothing changes or happen when new register user have been signup. I have been setup account expiry in 60 seconds and nothing changes for password expiry.

Did I miss something ?

Thanks

[jonathan-s]

@ekobayu Was it for a staff user, right now the middleware only works for staff users. @stanim I'd also add it's pretty easy to just switch out the middleware for a middleware that works for all users.