From 9ce03f0666ae9938fc47672261db08383b5f3cb7 Mon Sep 17 00:00:00 2001
From: Chris <chris@starforge.co.uk>
Date: Wed, 13 Feb 2013 17:27:32 +0000
Subject: [PATCH] Password max age now set in days.

---
 Webperl/AuthMethod/Database.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Webperl/AuthMethod/Database.pm b/Webperl/AuthMethod/Database.pm
index 41df045..5c8a1ba 100644
--- a/Webperl/AuthMethod/Database.pm
+++ b/Webperl/AuthMethod/Database.pm
@@ -393,7 +393,7 @@ sub mark_loginfail {
 #
 # If a password expiration policy is in use, `policy_max_passwordage` should be set
 # in the auth_method_params for the applicable authmethods. The parameter should contain
-# the maximum age of any given password in seconds. If not set, expiration is not
+# the maximum age of any given password in days. If not set, expiration is not
 # enforced.
 #
 # @param userid The ID of the user to check for password change requirement.
@@ -415,7 +415,7 @@ sub force_passchange {
 
     # Check for password expiration based on policy settings
     my $age = time() - ($pass_data -> {"password_set"} || 0); # Handle NULL password_set's sanely
-    return 'expired' if($self -> {"policy_max_passwordage"} && ($age > $self -> {"policy_max_passwordage"}));
+    return 'expired' if($self -> {"policy_max_passwordage"} && ($age > ($self -> {"policy_max_passwordage"} * 86400)));
 
     # Check for temporary passwords
     return 'temporary' if($pass_data -> {"force_change"});