ENGCOM-2007: [Backport] Fix issue #14895 - Change Password warning message appear two times #15774

Author: Stanislav Idolov

app/code/Magento/User/Model/User.php

@@ -47,6 +47,8 @@ class User extends AbstractModel implements StorageInterface, UserInterface
     /** @deprecated */
     const XML_PATH_RESET_PASSWORD_TEMPLATE = 'admin/emails/reset_password_template';
 
+    const MESSAGE_ID_PASSWORD_EXPIRED = 'magento_user_password_expired';
+
     /**
      * Model event prefix
      *

app/code/Magento/User/Observer/Backend/AuthObserver.php

@@ -149,7 +149,7 @@ public function execute(EventObserver $observer)
     /**
      * Update locking information for the user
      *
-     * @param \Magento\User\Model\User $user
+     * @param User $user
      * @return void
      */
     private function _updateLockingInformation($user)
@@ -195,10 +195,16 @@ private function _checkExpiredPassword($latestPassword)
                 $myAccountUrl = $this->url->getUrl('adminhtml/system_account/');
                 $message = __('It\'s time to <a href="%1">change your password</a>.', $myAccountUrl);
             }
+
+            $messages = $this->messageManager->getMessages();
+
+            // Remove existing messages with same ID to avoid duplication
+            $messages->deleteMessageByIdentifier(User::MESSAGE_ID_PASSWORD_EXPIRED);
+
             $this->messageManager->addNoticeMessage($message);
-            $message = $this->messageManager->getMessages()->getLastAddedMessage();
+            $message = $messages->getLastAddedMessage();
             if ($message) {
-                $message->setIdentifier('magento_user_password_expired')->setIsSticky(true);
+                $message->setIdentifier(User::MESSAGE_ID_PASSWORD_EXPIRED)->setIsSticky(true);
                 $this->authSession->setPciAdminUserIsPasswordExpired(true);
             }
         }

app/code/Magento/User/Observer/Backend/TrackAdminNewPasswordObserver.php

@@ -8,6 +8,7 @@
 
 use Magento\Framework\Event\Observer as EventObserver;
 use Magento\Framework\Event\ObserverInterface;
+use Magento\User\Model\User;
 
 /**
  * User backend observer model for passwords
@@ -74,7 +75,7 @@ public function execute(EventObserver $observer)
             $passwordHash = $user->getPassword();
             if ($passwordHash && !$user->getForceNewPassword()) {
                 $this->userResource->trackPassword($user, $passwordHash);
-                $this->messageManager->getMessages()->deleteMessageByIdentifier('magento_user_password_expired');
+                $this->messageManager->getMessages()->deleteMessageByIdentifier(User::MESSAGE_ID_PASSWORD_EXPIRED);
                 $this->authSession->unsPciAdminUserIsPasswordExpired();
             }
         }