@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.)
hq.recaptime.dev/wiki/Phorge
phorge
phabricator
First go at Authentication config options.
Test Plan: Looked at them in the web UI.
Reviewers: epriestley, chad, btrahan
Reviewed By: epriestley
CC: aran, Korvin
Maniphest Tasks: T2255
Differential Revision: https://secure.phabricator.com/D4355
authored by
Ricky Elrod
and committed by
epriestley
9aa772ed
49b84218
+122
+2
src/__phutil_library_map__.php
+2
src/__phutil_library_map__.php
···
649
649
'PhabricatorAuditReplyHandler' => 'applications/audit/PhabricatorAuditReplyHandler.php',
650
650
'PhabricatorAuditStatusConstants' => 'applications/audit/constants/PhabricatorAuditStatusConstants.php',
651
651
'PhabricatorAuthController' => 'applications/auth/controller/PhabricatorAuthController.php',
652
+
'PhabricatorAuthenticationConfigOptions' => 'applications/config/option/PhabricatorAuthenticationConfigOptions.php',
652
653
'PhabricatorBarePageExample' => 'applications/uiexample/examples/PhabricatorBarePageExample.php',
653
654
'PhabricatorBarePageView' => 'view/page/PhabricatorBarePageView.php',
654
655
'PhabricatorBaseEnglishTranslation' => 'infrastructure/internationalization/PhabricatorBaseEnglishTranslation.php',
···
1999
2000
'PhabricatorAuditPreviewController' => 'PhabricatorAuditController',
2000
2001
'PhabricatorAuditReplyHandler' => 'PhabricatorMailReplyHandler',
2001
2002
'PhabricatorAuthController' => 'PhabricatorController',
2003
+
'PhabricatorAuthenticationConfigOptions' => 'PhabricatorApplicationConfigOptions',
2002
2004
'PhabricatorBarePageExample' => 'PhabricatorUIExample',
2003
2005
'PhabricatorBarePageView' => 'AphrontPageView',
2004
2006
'PhabricatorBaseEnglishTranslation' => 'PhabricatorTranslation',
+120
src/applications/config/option/PhabricatorAuthenticationConfigOptions.php
+120
src/applications/config/option/PhabricatorAuthenticationConfigOptions.php
···
1
+
<?php
2
+
3
+
final class PhabricatorAuthenticationConfigOptions
4
+
extends PhabricatorApplicationConfigOptions {
5
+
6
+
public function getName() {
7
+
return pht("Authentication");
8
+
}
9
+
10
+
public function getDescription() {
11
+
return pht("Options relating to authentication.");
12
+
}
13
+
14
+
public function getOptions() {
15
+
return array(
16
+
$this->newOption(
17
+
'auth.password-auth-enabled', 'bool', true)
18
+
->setOptions(
19
+
array(
20
+
pht("Allow password authentication"),
21
+
pht("Don't allow password authentication")))
22
+
->setSummary(pht("Enables password-based authentication."))
23
+
->setDescription(
24
+
pht(
25
+
"Can users login with a username/password, or by following the ".
26
+
"link from a password reset email? You can disable this and ".
27
+
"configure one or more OAuth providers instead.")),
28
+
$this->newOption('auth.sessions.web', 'int', 5)
29
+
->setSummary(
30
+
pht("Number of web sessions a user can have simultaneously."))
31
+
->setDescription(
32
+
pht(
33
+
"Maximum number of simultaneous web sessions each user is ".
34
+
"permitted to have. Setting this to '1' will prevent a user from ".
35
+
"logging in on more than one browser at the same time.")),
36
+
$this->newOption('auth.sessions.conduit', 'int', 5)
37
+
->setSummary(
38
+
pht(
39
+
"Number of simultaneous Conduit sessions each user is permitted."))
40
+
->setDescription(
41
+
pht(
42
+
"Maximum number of simultaneous Conduit sessions each user is ".
43
+
"permitted to have.")),
44
+
$this->newOption('auth.sshkeys.enabled', 'bool', false)
45
+
->setOptions(
46
+
array(
47
+
pht("Enable SSH key storage"),
48
+
pht("Disable SSH key storage")))
49
+
->setSummary(
50
+
pht("Allow users to associate SSH keys with their accounts."))
51
+
->setDescription(
52
+
pht(
53
+
"Set this true to enable the Settings -> SSH Public Keys panel, ".
54
+
"which will allow users to associated SSH public keys with their ".
55
+
"accounts. This is only really useful if you're setting up ".
56
+
"services over SSH and want to use Phabricator for ".
57
+
"authentication; in most situations you can leave this ".
58
+
"disabled.")),
59
+
$this->newOption('auth.require-email-verification', 'bool', false)
60
+
->setOptions(
61
+
array(
62
+
pht("Require email verification"),
63
+
pht("Don't require email verification")))
64
+
->setSummary(
65
+
pht("Require email verification before a user can log in."))
66
+
->setDescription(
67
+
pht(
68
+
"If true, email addresses must be verified (by clicking a link ".
69
+
"in an email) before a user can login. By default, verification ".
70
+
"is optional unless 'auth.email-domains' is nonempty.")),
71
+
$this->newOption('auth.email-domains', 'list<string>', array())
72
+
->setSummary(pht("Only allow registration from particular domains."))
73
+
->setDescription(
74
+
pht(
75
+
"You can restrict allowed email addresses to certain domains ".
76
+
"(like 'yourcompany.com') by setting a list of allowed domains ".
77
+
"here. Users will only be allowed to register using email ".
78
+
"addresses at one of the domains, and will only be able to add ".
79
+
"new email addresses for these domains. If you configure this, ".
80
+
"it implies 'auth.require-email-verification'.\n\n".
81
+
"You should omit the '@' from domains. Note that the domain must ".
82
+
"match exactly. If you allow 'yourcompany.com', that permits ".
83
+
"'joe@yourcompany.com' but rejects 'joe@mail.yourcompany.com'."))
84
+
->addExample(
85
+
"yourcompany.com\nmail.yourcompany.com",
86
+
pht('Valid Setting')),
87
+
$this->newOption('auth.login-message', 'string', null)
88
+
->setLocked(true)
89
+
->setSummary(pht("A block of HTML displayed on the login screen."))
90
+
->setDescription(
91
+
pht(
92
+
"You can provide an arbitrary block of HTML here, which will ".
93
+
"appear on the login screen. Normally, you'd use this to provide ".
94
+
"login or registration instructions to users.")),
95
+
$this->newOption('account.editable', 'bool', true)
96
+
->setOptions(
97
+
array(
98
+
pht("Allow editing"),
99
+
pht("Prevent editing")))
100
+
->setSummary(
101
+
pht(
102
+
"Determines whether or not basic account information is ".
103
+
"editable."))
104
+
->setDescription(
105
+
pht(
106
+
"Is basic account information (email, real name, profile ".
107
+
"picture) editable? If you set up Phabricator to automatically ".
108
+
"synchronize account information from some other authoritative ".
109
+
"system, you can disable this to ensure information remains ".
110
+
"consistent across both systems.")),
111
+
$this->newOption('account.minimum-password-length', 'int', 8)
112
+
->setSummary(pht("Minimum password length."))
113
+
->setDescription(
114
+
pht(
115
+
"When users set or reset a password, it must have at least this ".
116
+
"many characters.")),
117
+
);
118
+
}
119
+
120
+
}