/** * Save current admin password to prevent its usage when changed in the future. * * @param EventObserver $observer * @return void */ public function execute(EventObserver $observer) { /* @var $user \Magento\User\Model\User */ $user = $observer->getEvent()->getObject(); if ($user->getId()) { $passwordHash = $user->getPassword(); $passwordLifetime = $this->observerConfig->getAdminPasswordLifetime(); if ($passwordLifetime && $passwordHash && !$user->getForceNewPassword()) { $this->userResource->trackPassword($user, $passwordHash, $passwordLifetime); $this->messageManager->getMessages()->deleteMessageByIdentifier('magento_user_password_expired'); $this->authSession->unsPciAdminUserIsPasswordExpired(); } } }