login.yaml 4.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263
  1. enabled: true # Enable the plugin
  2. built_in_css: true # Use built-in CSS
  3. redirect_to_login: false # If you try to access a page you don't have access to, should you redirect to login route
  4. redirect_after_login: false # Path to redirect to after a successful login
  5. redirect_after_logout: true # Path to redirect to after a successful logout
  6. session_user_sync: false # Sync session user with changes in stored user file
  7. route: '/login' # Specific route for Login page (default is '/login')
  8. route_after_login: '/' # Route to go to after login if enabled
  9. route_after_logout: '/' # Route to logout to if enabled
  10. route_activate: '/activate_user' # Route for the user activation process
  11. route_forgot: '/forgot_password' # Route for the forgot password process
  12. route_reset: '/reset_password' # Route for the reset password process
  13. route_profile: '/user_profile' # Route for the user profile page
  14. route_register: '/user_register' # Route for the user registration page
  15. route_unauthorized: '/user_unauthorized' # Route for a page to display if user is unauthorized
  16. twofa_enabled: false # Two factor authentication enabled
  17. dynamic_page_visibility: false # Integrate access into page visibility so things can be shown or hidden in the menu
  18. parent_acl: false # Look to parent `access` rules for access requirements
  19. protect_protected_page_media: false # Take `access` rules into account when directly accessing a page's media
  20. rememberme:
  21. enabled: true # Enable 'remember me' functionality
  22. timeout: 604800 # Timeout in seconds. Defaults to 1 week
  23. name: grav-rememberme # Name prefix of the session cookie
  24. max_pw_resets_count: 2 # Number of password resets in a specific time frame (0 = unlimited)
  25. max_pw_resets_interval: 60 # Time in minutes to track password resets
  26. max_login_count: 5 # Number of failed login attempts in a specific time frame (0 = unlimited)
  27. max_login_interval: 10 # Time in minutes to track login attempts
  28. ipv6_subnet_size: 64 # Size of IPv6 block to track login attempts
  29. user_registration:
  30. enabled: false # Enable User Registration Process
  31. fields: # List of fields to validate and store during user registration
  32. - 'username' # This should match up with your registration form definition
  33. - 'password'
  34. - 'email'
  35. - 'fullname'
  36. - 'title'
  37. - 'level'
  38. - 'twofa_enabled'
  39. default_values: # Any default values for fields you would like to set
  40. level: Newbie # Here the 'level' field will be pre-populated with 'Newbie' text
  41. access: # Default access to set for users created during registration
  42. site:
  43. login: true
  44. redirect_after_registration: '' # Route to redirect to after registration
  45. redirect_after_activation: '' # Route to redirect to after activation
  46. options:
  47. validate_password1_and_password2: true # Ensure that password1 and password2 match during registration (allows you to have just 1 pw field or 2)
  48. set_user_disabled: false # Set this `true` if you want a user to activate their account via email
  49. login_after_registration: false # Automatically login after registration
  50. send_activation_email: false # Send an email that requires a special link to be clicked in order to activate the account
  51. manually_enable: false # When using activation email, don't enable until an admin does it manually
  52. send_notification_email: false # Send an email to the site administrator to indicate a user has registered
  53. send_welcome_email: false # Send a welcome email to the user (probably should not be used with `send_activation_email`