gnu-social/modules/AuthCrypt
2020-07-25 17:42:46 +01:00
..
locale [CORE] Plugin API now extends a new Module API 2019-08-24 01:59:33 +01:00
AuthCryptModule.php [AuthCrypt] Update README and fix formatting 2020-07-25 17:42:46 +01:00
README.md [AuthCrypt] Update README and fix formatting 2020-07-25 17:42:46 +01:00

AuthCrypt allows for GNU social to use password_hash() hashing to store password credentials.

Settings

You can change these settings in config.php with $config['AuthCryptModule'][{setting name}] = {new setting value};.

Default values in parenthesis.

authoritative (false): Set this to true when all passwords are hashed with crypt() (warning: this may disable all other password verification, also when changing passwords!) statusnet (true): Do we check the password against legacy StatusNet md5 hash? (notice: will check password login against old-style hash and if 'overwrite' is enabled update using crypt()) overwrite (true): Do we overwrite old style password hashes with crypt() hashes on password change? (notice: to make use of stronger security or migrate to crypt() hashes, this must be true) password_changeable (true): Enables or disables password changing. (notice: if combined with authoritative, it disables changing passwords and removes option from menu.) autoregistration: This setting is ignored. Password can never be valid without existing User. provider_name: This setting defaults to 'crypt' but is never stored anywhere.

Technical note: Many settings are inherited from the AuthenticationModule class.