Add Turkish Locale Support and Auto-Redirect on Mandatory Password Change

[Orgenus]

Checklist for Pull Requests

• Have you signed the Contributor License Agreement?

---

Add Turkish Locale Support and Auto-Redirect on Mandatory Password Change

Summary

This PR includes two improvements to the WebUI:

1. Turkish language support in the WebUI language switcher
2. Automatic redirect to change password page when a user or admin is required to change their password at first login

---

Changes

1. Turkish Locale — templates/common/base.html

Added tr (Turkish) as a supported language option in the i18next language map. Previously, if the languages binding configuration included "tr", the language would silently be ignored because there was no matching else if branch in the template loop.

     lngs["zh-CN"] = { nativeName: '简体中文' };
+    //{{- else if eq . "tr" }}
+    lngs.tr = { nativeName: 'Türkçe' };
     //{{- end}}

No changes were needed in the Go backend — Binding.Languages already accepts arbitrary string values without validation.

---

2. Auto-Redirect on Mandatory Password Change — internal/httpd/server.go

Problem: When a user or admin was required to change their password (MustChangePassword / RequirePasswordChange), after successful login they were redirected to the normal landing page (/web/client/files or /web/admin/users). The checkAuthRequirements middleware would then block every page with a Forbidden error, leaving the user with no clear path forward.

Solution: Added an explicit redirect to the change password page immediately after a successful login, before the normal landing page redirect.

• Web Client (loginUser): If user.MustChangePassword() is true, redirect to webChangeClientPwdPath (/web/client/changepwd)
• Web Admin (loginAdmin): If admin.Filters.RequirePasswordChange is true, redirect to webChangeAdminPwdPath (/web/admin/changepwd)

 updateLoginMetrics(user, dataprovider.LoginMethodPassword, ipAddr, err, r)
 dataprovider.UpdateLastLogin(user)
+if user.MustChangePassword() {
+    http.Redirect(w, r, webChangeClientPwdPath, http.StatusFound)
+    return
+}

 dataprovider.UpdateAdminLastLogin(admin)
 common.DelayLogin(nil)
+if admin.Filters.RequirePasswordChange {
+    http.Redirect(w, r, webChangeAdminPwdPath, http.StatusFound)
+    return
+}

Note: The existing checkAuthRequirements middleware continues to enforce access restrictions on all other pages when the password change requirement is active. This change complements that behavior by guiding the user directly to the correct page instead of leaving them on a blocked screen.

---

Files Changed

File	Change
templates/common/base.html	Added tr (Turkish) locale entry
internal/httpd/server.go	Redirect to changepwd on mandatory password change for both client and admin login flows

[CLAassistant]

All committers have signed the CLA.

[drakkan]

Thanks for the contribution and for taking the time to put this together.

For translations, please submit them via Crowdin, as a PR is not required for that. Also, please note that keeping the footer is necessary for proper attribution, as required by the AGPLv3 and the additional notice.

The auto-redirect could be a useful improvement. However, in general, it’s better to keep PRs focused on a single change, as this makes them easier to review. In its current form, this PR is quite broad and difficult to review effectively.

I also noticed some issues in the modified HTML (e.g., CSP compliance) that would need to be addressed.

I’d recommend becoming a bit more familiar with the codebase before submitting changes, so you can better guide any tools you’re using and ensure the changes align with the project’s requirements.

Of course, you’re welcome to keep and use these changes in the current form in your own repository, in accordance with the project license, if they are useful for your use case.