wiki-grav/plugins/login/login.yaml

65 lines
4.4 KiB
YAML
Raw Normal View History

enabled: true # Enable the plugin
built_in_css: true # Use built-in CSS
redirect_to_login: false # If you try to access a page you don't have access to, should you redirect to login route
redirect_after_login: false # Path to redirect to after a successful login
redirect_after_logout: true # Path to redirect to after a successful logout
session_user_sync: false # Sync session user with changes in stored user file
site_host: # Site host to use for email links. Enhances security by ensuring links are to the correct host (e.g. https://foo.com)
route: '/login' # Specific route for Login page (default is '/login')
route_after_login: '/' # Route to go to after login if enabled
route_after_logout: '/' # Route to logout to if enabled
route_activate: '/activate_user' # Route for the user activation process
route_forgot: '/forgot_password' # Route for the forgot password process
route_reset: '/reset_password' # Route for the reset password process
route_profile: '/user_profile' # Route for the user profile page
route_register: '/user_register' # Route for the user registration page
route_unauthorized: '/user_unauthorized' # Route for a page to display if user is unauthorized
twofa_enabled: false # Two factor authentication enabled
dynamic_page_visibility: false # Integrate access into page visibility so things can be shown or hidden in the menu
parent_acl: false # Look to parent `access` rules for access requirements
protect_protected_page_media: false # Take `access` rules into account when directly accessing a page's media
rememberme:
enabled: true # Enable 'remember me' functionality
timeout: 604800 # Timeout in seconds. Defaults to 1 week
name: grav-rememberme # Name prefix of the session cookie
max_pw_resets_count: 2 # Number of password resets in a specific time frame (0 = unlimited)
max_pw_resets_interval: 60 # Time in minutes to track password resets
max_login_count: 5 # Number of failed login attempts in a specific time frame (0 = unlimited)
max_login_interval: 10 # Time in minutes to track login attempts
ipv6_subnet_size: 64 # Size of IPv6 block to track login attempts
user_registration:
enabled: false # Enable User Registration Process
fields: # List of fields to validate and store during user registration
- 'username' # This should match up with your registration form definition
- 'password'
- 'email'
- 'fullname'
- 'title'
- 'level'
- 'twofa_enabled'
default_values: # Any default values for fields you would like to set
level: Newbie # Here the 'level' field will be pre-populated with 'Newbie' text
access: # Default access to set for users created during registration
site:
login: true
redirect_after_registration: '' # Route to redirect to after registration
redirect_after_activation: '' # Route to redirect to after activation
options:
validate_password1_and_password2: true # Ensure that password1 and password2 match during registration (allows you to have just 1 pw field or 2)
set_user_disabled: false # Set this `true` if you want a user to activate their account via email
login_after_registration: false # Automatically login after registration
send_activation_email: false # Send an email that requires a special link to be clicked in order to activate the account
manually_enable: false # When using activation email, don't enable until an admin does it manually
send_notification_email: false # Send an email to the site administrator to indicate a user has registered
send_welcome_email: false # Send a welcome email to the user (probably should not be used with `send_activation_email`