permanent
clone your own copy | download snapshot

Snapshots | iceberg

Inside this repository

login.yaml
text/plain

Download raw (4.2 KB)

enabled: true                               # Enable the plugin
built_in_css: true                          # Use built-in CSS
redirect_to_login: false                    # If you try to access a page you don't have access to, should you redirect to login route
redirect_after_login: false                 # Path to redirect to after a successful login
redirect_after_logout: true                 # Path to redirect to after a successful logout
session_user_sync: false                    # Sync session user with changes in stored user file

route: '/login'                             # Specific route for Login page (default is '/login')
route_after_login: '/'                      # Route to go to after login if enabled
route_after_logout: '/'                     # Route to logout to if enabled
route_activate: '/activate_user'            # Route for the user activation process
route_forgot: '/forgot_password'            # Route for the forgot password process
route_reset: '/reset_password'              # Route for the reset password process
route_profile: '/user_profile'              # Route for the user profile page
route_register: '/user_register'            # Route for the user registration page
route_unauthorized: '/user_unauthorized'    # Route for a page to display if user is unauthorized

twofa_enabled: false                        # Two factor authentication enabled
dynamic_page_visibility: false              # Integrate access into page visibility so things can be shown or hidden in the menu
parent_acl: false                           # Look to parent `access` rules for access requirements
protect_protected_page_media: false         # Take `access` rules into account when directly accessing a page's media

rememberme:
  enabled: true                             # Enable 'remember me' functionality
  timeout: 604800                           # Timeout in seconds. Defaults to 1 week
  name: grav-rememberme                     # Name prefix of the session cookie

max_pw_resets_count: 2                      # Number of password resets in a specific time frame (0 = unlimited)
max_pw_resets_interval: 60                  # Time in minutes to track password resets
max_login_count: 5                          # Number of failed login attempts in a specific time frame (0 = unlimited)
max_login_interval: 10                      # Time in minutes to track login attempts
ipv6_subnet_size: 64                        # Size of IPv6 block to track login attempts

user_registration:
  enabled: false                            # Enable User Registration Process

  fields:                                   # List of fields to validate and store during user registration
    - 'username'                            # This should match up with your registration form definition
    - 'password'
    - 'email'
    - 'fullname'
    - 'title'
    - 'level'
    - 'twofa_enabled'

  default_values:                           # Any default values for fields you would like to set
    level: Newbie                           # Here the 'level' field will be pre-populated with 'Newbie' text

  access:                                   # Default access to set for users created during registration
    site:
      login: 'true'

  redirect_after_registration: ''           # Route to redirect to after registration
  redirect_after_activation: ''             # Route to redirect to after activation

  options:
    validate_password1_and_password2: true  # Ensure that password1 and password2 match during registration (allows you to have just 1 pw field or 2)
    set_user_disabled: false                # Set this `true` if you want a user to activate their account via email
    login_after_registration: false         # Automatically login after registration
    send_activation_email: false            # Send an email that requires a special link to be clicked in order to activate the account
    manually_enable: false                  # When using activation email, don't enable until an admin does it manually
    send_notification_email: false          # Send an email to the site administrator to indicate a user has registered
    send_welcome_email: false               # Send a welcome email to the user (probably should not be used with `send_activation_email`