Configuration
BitAuth has the following configuration options available:
| Config | Default Value | Options | Description |
|---|---|---|---|
| require_user_activation | TRUE | TRUE, FALSE | If set to TRUE, users must be activated before they are able to login. |
| default_group_id | 2 | Any Existing Group ID | The group_id of the default group users will be added to when they register. NOTE: This group's roles will not be inherited by the user until they are activated. |
| remember_token_name | rememberme | | Name of the cookie where the "Remember Me" token is stored. This value is prefixed with cookie_prefix value in config.php, if one is set. |
| remember_token_expires | 604800 (7 days) | | Number of seconds that the "Remember Me" token lasts before expiring. Once this time has passed, the user will need to login again the next time they visit. |
| remember_token_updates | TRUE | TRUE, FALSE | If set to TRUE, the timer on the "Remember Me" token will reset every time this user revisits the site. |
| pwd_max_age | 90 | | Number of days a password is valid for. Once this time has passed, a user cannot log in, and must have their password reset by an administrator or through the "Forgot Password" page. To disable, set to FALSE. |
| pwd_age_notification | 7 | | Number of days before password expiration that a user is notified. Once inside this number of days, the user will automatically be directed to a form to change their password every time they log in. To disable, set to FALSE. |
| pwd_min_length | 8 | | Minimum required length of passwords. To disable, set to FALSE. |
| pwd_max_length | 20 | | Maximum allowable length of passwords. To disable, set to FALSE. |
| pwd_complexity | Uppercase: 1, Numbers: 1, Special Chars: 0 | | Minimum number of each type of character required for a password to be valid. To disable requirements for any type of character, set that value to 0. |
| pwd_complexity_chars | Uppercase: `[[:upper:]]`, Numbers: `[[:digit:]]`, Special Chars: `[[:punct:]]`, Spaces: `\s` | | The regular expression for each type of character. The default values should be language independent, so you should not need to change them. |
| log_logins | TRUE | TRUE, FALSE | Whether or not to log login attempts. Setting this to FALSE effectively disables locking out users from invalid login attempts. |
| invalid_logins | 3 | | How many invalid logins a user gets before they are locked out. |
| mins_login_attempts | 5 | | Number of minutes within which invalid login attempts count toward locking a user out. |
| mins_locked_out | 10 | | Number of minutes before a locked account is unlocked. |
| table | Users: bitauth_users, Data: bitauth_userdata, Groups: bitauth_groups, Assoc: bitauth_assoc, Logins: bitauth_logins | | The tables used by BitAuth. If you have changed these in your database, you should change them here. |
| phpass_iterations | 8 | | Base-2 logarithm of the iteration count used for password stretching by Phpass. See: http://en.wikipedia.org/wiki/Key_strengthening. |
| phpass_portable | FALSE | | Require the hashes to be portable to older systems. If FALSE, phpass' preferred hashing method is CRYPT_BLOWFISH, with a fallback to CRYPT_EXT_DES, and then a final fallback to the "portable" hashes. See: http://www.openwall.com/articles/PHP-Users-Passwords. |
| date_format | Y-m-d H:i:s | | What format BitAuth stores timestamps in. Defaults to the MySQL DATETIME format. To use unix timestamps, change this value to 'U' (in addition to changing your DB structure). |
| roles | | | This is where all of your roles are stored. There is only one role required by BitAuth, admin. This should always be the first listed. You can read more about roles at Creating Roles. |
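
How the four password options above (pwd_min_length, pwd_max_length, pwd_complexity, pwd_complexity_chars) combine into one policy check, as an added example that is not BitAuth's own code. The function name `check_password` and the array key names (`uppercase`, `number`, `special`, `spaces`) are assumptions; the values are the defaults from the table.

```php
<?php
// Added example, not BitAuth's code. Array key names are assumptions;
// the values are the defaults listed in the configuration table.
$policy = [
    'pwd_min_length' => 8,
    'pwd_max_length' => 20,
    'pwd_complexity' => ['uppercase' => 1, 'number' => 1, 'special' => 0],
    'pwd_complexity_chars' => [
        'uppercase' => '[[:upper:]]',
        'number'    => '[[:digit:]]',
        'special'   => '[[:punct:]]',
        'spaces'    => '\s',
    ],
];

/** Returns a list of policy violations; an empty list means the password passes. */
function check_password(string $pwd, array $policy): array
{
    $errors = [];
    $len = strlen($pwd); // byte length; multibyte input needs mb_strlen()

    // FALSE disables a length limit, as the table describes.
    if ($policy['pwd_min_length'] !== FALSE && $len < $policy['pwd_min_length']) {
        $errors[] = "shorter than {$policy['pwd_min_length']} characters";
    }
    if ($policy['pwd_max_length'] !== FALSE && $len > $policy['pwd_max_length']) {
        $errors[] = "longer than {$policy['pwd_max_length']} characters";
    }

    foreach ($policy['pwd_complexity'] as $type => $min) {
        if ($min <= 0) {
            continue; // 0 disables the requirement for this character type
        }
        // Count every character in the password that matches this type's class.
        $pattern = '/' . $policy['pwd_complexity_chars'][$type] . '/';
        $count = (int) preg_match_all($pattern, $pwd);
        if ($count < $min) {
            $errors[] = "needs at least $min $type character(s), found $count";
        }
    }
    return $errors;
}

// Constructed sample inputs.
foreach (['password', 'Passw0rd', 'Sh0rt', str_repeat('Aa1', 8)] as $candidate) {
    $errors = check_password($candidate, $policy);
    echo str_pad($candidate, 26), $errors ? implode('; ', $errors) : 'ok', PHP_EOL;
}
```

With the defaults, `Passw0rd` passes while a 24-character password is rejected by pwd_max_length, which is worth keeping in mind if users rely on long passphrases or password managers.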