CodeIgniter-Aauth/application/config/aauth.php

<?php
defined('BASEPATH') OR exit('No direct script access allowed');

/*
| -------------------------------------------------------------------
| Aauth Config
| -------------------------------------------------------------------
| A library Basic Authorization for CodeIgniter 2+
|
| -------------------------------------------------------------------
| EXPLANATION
| -------------------------------------------------------------------
|
|	See http://codeigniter-aauth-test.readthedocs.org/en/latest/
|	for more details and explainations
|
|
| 	['no_permission']                  	If user don't have permisssion to see the page he will be redirected the page spesificed.
|
| 	['admin_group']                    	Name of admin group
| 	['default_group']                  	Name of default group, the new user is added in it
| 	['public_group']                   	Public group , people who not logged in
|
| 	['db_profile']                     	The configuration database profile (see config/database.php)
|
| 	['users']                          	The table which contains users
| 	['groups']                         	The table which contains groups
| 	['user_to_group']                  	The table which contains join of users and groups
| 	['perms']                          	The table which contains permissions
| 	['perm_to_group']                  	The table which contains permissions for groups
| 	['perm_to_user']                   	The table which contains permissions for users
| 	['pms']                            	The table which contains private messages
| 	['user_variables']                 	The table which contains users variables
|
| 	['remember']                       	Remember time elapsed after connecting and automatic LogOut
|
| 	['max']                            	Maximum char long for Password
| 	['min']                            	Minimum char long for Password
|
| 	['additional_valid_chars']          Additional valid chars for username. Non alphanumeric characters that are allowed by default
|
| 	['ddos_protection']                	If it is true, the user will be banned temporary when he exceed the login 'try'
|
| 	['recaptcha_active']               	Enable reCAPTCHA (see www.google.com/recaptcha/admin)
| 	['recaptcha_login_attempts']       	:
| 	['recaptcha_siteKey']              	The reCAPTCHA siteKey
| 	['recaptcha_secret']               	The reCAPTCHA secretKey
|
| 	['totp_active']                    	The Time-based One-time Password Algorithm
| 	['totp_only_on_ip_change']         	TOTP only on IP Change
| 	['totp_reset_over_reset_password'] 	TOTP reset over reset Password
| 	['totp_two_step_login'] 			enables TOTP two step login 
| 	['totp_two_step_login_redirect']    Redirect path to TOTP Verification page used by control() & is_allowed()
|
| 	['max_login_attempt']              	Login attempts time interval (default 10 times in one hour)
| 	['max_login_attempt_time_period']   Period of time for max login attempts (default "5 minutes")
|
| 	['login_with_name']                	Login Identificator, if TRUE username needed to login else email address.
|
| 	['use_cookies']                    	FALSE only on CI3
|
| 	['email']                          	Sender email address, used for remind_password, send_verification and reset_password
| 	['name']                           	Sender name, used for remind_password, send_verification and reset_password
|
| 	['verification']                   	User Verification, if TRUE sends a verification email on account creation.
| 	['verification_link']              	Link for verification without site_url or base_url
| 	['reset_password_link']            	Link for reset_password without site_url or base_url
|
|	['hash']							Name of selected hashing algorithm (e.g. "md5", "sha256", "haval160,4", etc..)
|										Please, run hash_algos() for know your all supported algorithms
| 	['use_password_hash']               True to use PHP's own password_hash() function with BCrypt, needs PHP5.5 or higher
| 	['password_hash_algo']              password_hash algorithm (PASSWORD_DEFAULT, PASSWORD_BCRYPT) for details see http://php.net/manual/de/password.constants.php
| 	['password_hash_options']           password_hash options array for details see http://php.net/manual/en/function.password-hash.php
|
*/
$config_aauth = array();

$config_aauth["default"] = array(
	'no_permission'                  => FALSE,

	'admin_group'                    => 'admin',
	'default_group'                  => 'default',
	'public_group'                   => 'public',

	'db_profile'                     => 'default',

	'users'                          => 'aauth_users',
	'groups'                         => 'aauth_groups',
	'group_to_group'                 => 'aauth_group_to_group',
	'user_to_group'                  => 'aauth_user_to_group',
	'perms'                          => 'aauth_perms',
	'perm_to_group'                  => 'aauth_perm_to_group',
	'perm_to_user'                   => 'aauth_perm_to_user',
	'pms'                            => 'aauth_pms',
	'user_variables'                 => 'aauth_user_variables',

	'remember'                       => ' +3 days',

	'max'                            => 13,
	'min'                            => 5,

	'additional_valid_chars'         => array(),

	'ddos_protection'                => true,

	'recaptcha_active'               => false,
	'recaptcha_login_attempts'       => 4,
	'recaptcha_siteKey'              => '',
	'recaptcha_secret'               => '',

	'totp_active'                    => false,
	'totp_only_on_ip_change'         => false,
	'totp_reset_over_reset_password' => false,
	'totp_two_step_login_active'     => false,
	'totp_two_step_login_redirect'   => '/account/twofactor_verification/',

	'max_login_attempt'              => 10,
	'max_login_attempt_time_period'  => "5 minutes",

	'login_with_name'                => false,

	'use_cookies'                    => true,

	'email'                          => 'admin@admin.com',
	'name'                           => 'Emre Akay',

	'verification'                   => false,
	'verification_link'              => '/account/verification/',
	'reset_password_link'            => '/account/reset_password/',

	'hash'                           => 'sha256',
	'use_password_hash'              => false,
	'password_hash_algo'             => PASSWORD_DEFAULT,
	'password_hash_options'          => array()
);

$config['aauth'] = $config_aauth['default'];

/* End of file aauth.php */
/* Location: ./application/config/aauth.php */
Update config file for readability and comprehension 10 years ago			`<?php`
			`defined('BASEPATH') OR exit('No direct script access allowed');`

First commit 12 years ago			`/*`
Update config file for readability and comprehension 10 years ago			`\| -------------------------------------------------------------------`
			`\| Aauth Config`
			`\| -------------------------------------------------------------------`
			`\| A library Basic Authorization for CodeIgniter 2+`
			`\|`
			`\| -------------------------------------------------------------------`
			`\| EXPLANATION`
			`\| -------------------------------------------------------------------`
			`\|`
			`\| See http://codeigniter-aauth-test.readthedocs.org/en/latest/`
			`\| for more details and explainations`
			`\|`
			`\|`
			`\| ['no_permission'] If user don't have permisssion to see the page he will be redirected the page spesificed.`
			`\|`
			`\| ['admin_group'] Name of admin group`
			`\| ['default_group'] Name of default group, the new user is added in it`
			`\| ['public_group'] Public group , people who not logged in`
			`\|`
			`\| ['db_profile'] The configuration database profile (see config/database.php)`
			`\|`
			`\| ['users'] The table which contains users`
			`\| ['groups'] The table which contains groups`
			`\| ['user_to_group'] The table which contains join of users and groups`
			`\| ['perms'] The table which contains permissions`
			`\| ['perm_to_group'] The table which contains permissions for groups`
			`\| ['perm_to_user'] The table which contains permissions for users`
			`\| ['pms'] The table which contains private messages`
			`\| ['user_variables'] The table which contains users variables`
			`\|`
			`\| ['remember'] Remember time elapsed after connecting and automatic LogOut`
			`\|`
			`\| ['max'] Maximum char long for Password`
			`\| ['min'] Minimum char long for Password`
			`\|`
renamed `valid_chars` to `additional_valid_chars` #125 9 years ago			`\| ['additional_valid_chars'] Additional valid chars for username. Non alphanumeric characters that are allowed by default`
Update config file for readability and comprehension 10 years ago			`\|`
			`\| ['ddos_protection'] If it is true, the user will be banned temporary when he exceed the login 'try'`
			`\|`
			`\| ['recaptcha_active'] Enable reCAPTCHA (see www.google.com/recaptcha/admin)`
			`\| ['recaptcha_login_attempts'] :`
			`\| ['recaptcha_siteKey'] The reCAPTCHA siteKey`
			`\| ['recaptcha_secret'] The reCAPTCHA secretKey`
			`\|`
			`\| ['totp_active'] The Time-based One-time Password Algorithm`
			`\| ['totp_only_on_ip_change'] TOTP only on IP Change`
			`\| ['totp_reset_over_reset_password'] TOTP reset over reset Password`
totp enhancements - added 2 config vars (`totp_two_step_login_active`, `totp_two_step_login_redirect`) - changed `login()` to set session data if totp is required and two_step_login is active and skip default - fixed `control()` to check if totp verification is required, if required then it redirects to `totp_two_step_login_redirect` - fixed `control()` to check if is_loggedin not with totp verification is required - changed `is_allowed()` to check if totp verification is required, if required then it redirects to `totp_two_step_login_redirect` - added 2 functions `verify_user_totp_code($totp_code, $user_id = FALSE)` & `is_totp_required()` reference to #131 (tutorial follows) 9 years ago			`\| ['totp_two_step_login'] enables TOTP two step login`
added config var info for `totp_two_step_login_redirect` 9 years ago			`\| ['totp_two_step_login_redirect'] Redirect path to TOTP Verification page used by control() & is_allowed()`
Update config file for readability and comprehension 10 years ago			`\|`
fixed fatal flaw on `update_login_attempts` (#133) - changed `last_login_attempt` value to `Y-m-d H:i:s` from `Y-m-d H:0:0` - changed `last_login_attempt`-check to check every x minute based on config var (`max_login_attempt_per_minutes`) - added optional `last_login_attempt` update on login attempt (`update_last_login_attempt`) - added config var `max_login_attempt_per_minutes` - added config var `update_last_login_attempt` - fixed config var info for `max_login_attempt` (`20` to `10`) 9 years ago			`\| ['max_login_attempt'] Login attempts time interval (default 10 times in one hour)`
changed config var name from `max_login_attempt_per_minutes` to `max_login_attempt_time_period` changed default config var value for `max_login_attempt_per_minutes` removed config info line from removed `update_last_login_attempt` config var 9 years ago			`\| ['max_login_attempt_time_period'] Period of time for max login attempts (default "5 minutes")`
Update config file for readability and comprehension 10 years ago			`\|`
			`\| ['login_with_name'] Login Identificator, if TRUE username needed to login else email address.`
			`\|`
			`\| ['use_cookies'] FALSE only on CI3`
			`\|`
			`\| ['email'] Sender email address, used for remind_password, send_verification and reset_password`
			`\| ['name'] Sender name, used for remind_password, send_verification and reset_password`
			`\|`
			`\| ['verification'] User Verification, if TRUE sends a verification email on account creation.`
			`\| ['verification_link'] Link for verification without site_url or base_url`
			`\| ['reset_password_link'] Link for reset_password without site_url or base_url`
			`\|`
Add explaination an recommendations 10 years ago			`\| ['hash'] Name of selected hashing algorithm (e.g. "md5", "sha256", "haval160,4", etc..)`
			`\| Please, run hash_algos() for know your all supported algorithms`
BCrypt/PHP's password_hash support - added config var `use_password_hash` - added config var `password_hash_algo` - added config var `password_hash_options` - added `verify_password()` - changed `login()` (changed pass check with new the function, added a little skip for pass recreation if password_hash is active) - changed `hash_password()` - added `sql/Aauth_v2_BCrypt.sql` with a working password if BCrypt is active 9 years ago			`\| ['use_password_hash'] True to use PHP's own password_hash() function with BCrypt, needs PHP5.5 or higher`
fixed config var `password_hash_algo` string to constant and added info link 9 years ago			`\| ['password_hash_algo'] password_hash algorithm (PASSWORD_DEFAULT, PASSWORD_BCRYPT) for details see http://php.net/manual/de/password.constants.php`
BCrypt/PHP's password_hash support - added config var `use_password_hash` - added config var `password_hash_algo` - added config var `password_hash_options` - added `verify_password()` - changed `login()` (changed pass check with new the function, added a little skip for pass recreation if password_hash is active) - changed `hash_password()` - added `sql/Aauth_v2_BCrypt.sql` with a working password if BCrypt is active 9 years ago			`\| ['password_hash_options'] password_hash options array for details see http://php.net/manual/en/function.password-hash.php`
Add explaination an recommendations 10 years ago			`\|`
Update config file for readability and comprehension 10 years ago			`*/`
			`$config_aauth = array();`

			`$config_aauth["default"] = array(`
fix for #81 Invalid new config file 10 years ago			`'no_permission' => FALSE,`
Update config file for readability and comprehension 10 years ago
fix for #81 Invalid new config file 10 years ago			`'admin_group' => 'admin',`
			`'default_group' => 'default',`
			`'public_group' => 'public',`
Update config file for readability and comprehension 10 years ago
fix for #81 Invalid new config file 10 years ago			`'db_profile' => 'default',`
Update config file for readability and comprehension 10 years ago
fix for #81 Invalid new config file 10 years ago			`'users' => 'aauth_users',`
			`'groups' => 'aauth_groups',`
Sub-Groups added - added function add_subgroup($group_par, $subgroup_par) - added function remove_subgroup($group_par, $subgroup_par) - added function get_subgroups($group_par) - modified is_group_allowed() to check subgroups - modified delete_group() to remove subgroups 9 years ago			`'group_to_group' => 'aauth_group_to_group',`
fix for #81 Invalid new config file 10 years ago			`'user_to_group' => 'aauth_user_to_group',`
			`'perms' => 'aauth_perms',`
			`'perm_to_group' => 'aauth_perm_to_group',`
			`'perm_to_user' => 'aauth_perm_to_user',`
			`'pms' => 'aauth_pms',`
			`'user_variables' => 'aauth_user_variables',`
Update config file for readability and comprehension 10 years ago
fix for #81 Invalid new config file 10 years ago			`'remember' => ' +3 days',`
Update config file for readability and comprehension 10 years ago
fix for #81 Invalid new config file 10 years ago			`'max' => 13,`
			`'min' => 5,`
Update config file for readability and comprehension 10 years ago
renamed `valid_chars` to `additional_valid_chars` #125 9 years ago			`'additional_valid_chars' => array(),`
Update config file for readability and comprehension 10 years ago
fix for #81 Invalid new config file 10 years ago			`'ddos_protection' => true,`
Update config file for readability and comprehension 10 years ago
fix for #81 Invalid new config file 10 years ago			`'recaptcha_active' => false,`
			`'recaptcha_login_attempts' => 4,`
			`'recaptcha_siteKey' => '',`
			`'recaptcha_secret' => '',`
Update config file for readability and comprehension 10 years ago
fix for #81 Invalid new config file 10 years ago			`'totp_active' => false,`
			`'totp_only_on_ip_change' => false,`
			`'totp_reset_over_reset_password' => false,`
totp enhancements - added 2 config vars (`totp_two_step_login_active`, `totp_two_step_login_redirect`) - changed `login()` to set session data if totp is required and two_step_login is active and skip default - fixed `control()` to check if totp verification is required, if required then it redirects to `totp_two_step_login_redirect` - fixed `control()` to check if is_loggedin not with totp verification is required - changed `is_allowed()` to check if totp verification is required, if required then it redirects to `totp_two_step_login_redirect` - added 2 functions `verify_user_totp_code($totp_code, $user_id = FALSE)` & `is_totp_required()` reference to #131 (tutorial follows) 9 years ago			`'totp_two_step_login_active' => false,`
			`'totp_two_step_login_redirect' => '/account/twofactor_verification/',`
Update config file for readability and comprehension 10 years ago
fix for #81 Invalid new config file 10 years ago			`'max_login_attempt' => 10,`
changed config var name from `max_login_attempt_per_minutes` to `max_login_attempt_time_period` changed default config var value for `max_login_attempt_per_minutes` removed config info line from removed `update_last_login_attempt` config var 9 years ago			`'max_login_attempt_time_period' => "5 minutes",`
Update config file for readability and comprehension 10 years ago
fix for #81 Invalid new config file 10 years ago			`'login_with_name' => false,`
Update config file for readability and comprehension 10 years ago
fix for #81 Invalid new config file 10 years ago			`'use_cookies' => true,`
Update config file for readability and comprehension 10 years ago
fix for #81 Invalid new config file 10 years ago			`'email' => 'admin@admin.com',`
			`'name' => 'Emre Akay',`
Update config file for readability and comprehension 10 years ago
fix for #81 Invalid new config file 10 years ago			`'verification' => false,`
			`'verification_link' => '/account/verification/',`
Add hash in configuration 10 years ago			`'reset_password_link' => '/account/reset_password/',`

BCrypt/PHP's password_hash support - added config var `use_password_hash` - added config var `password_hash_algo` - added config var `password_hash_options` - added `verify_password()` - changed `login()` (changed pass check with new the function, added a little skip for pass recreation if password_hash is active) - changed `hash_password()` - added `sql/Aauth_v2_BCrypt.sql` with a working password if BCrypt is active 9 years ago			`'hash' => 'sha256',`
			`'use_password_hash' => false,`
fixed config var `password_hash_algo` string to constant and added info link 9 years ago			`'password_hash_algo' => PASSWORD_DEFAULT,`
BCrypt/PHP's password_hash support - added config var `use_password_hash` - added config var `password_hash_algo` - added config var `password_hash_options` - added `verify_password()` - changed `login()` (changed pass check with new the function, added a little skip for pass recreation if password_hash is active) - changed `hash_password()` - added `sql/Aauth_v2_BCrypt.sql` with a working password if BCrypt is active 9 years ago			`'password_hash_options' => array()`
Update config file for readability and comprehension 10 years ago			`);`

			`$config['aauth'] = $config_aauth['default'];`
First commit 12 years ago
adjustments of typos 10 years ago			`/* End of file aauth.php */`
Update config file for readability and comprehension 10 years ago			`/* Location: ./application/config/aauth.php */`