Difference between revisions of "User auth limits.pl"
(Added page about config file) |
m |
||
| Line 3: | Line 3: | ||
'''user_auth_limits.pl''' contains configuration that places limits on aspects of user authentication. It contains the following configuration options: | '''user_auth_limits.pl''' contains configuration that places limits on aspects of user authentication. It contains the following configuration options: | ||
| − | * '''<code>max_login_attempts</code>''' - Maximum number of failed login attempts before the account is locked. Default is 10. | + | * '''<code>$c->{max_login_attempts?</code>''' - Maximum number of failed login attempts before the account is locked. Default is 10. |
| − | * '''<code>lockout_minutes</code>''' - How long an account is locked if there are too many failed login attempts. Default is 10 minutes. | + | * '''<code>$c->{lockout_minutes}</code>''' - How long an account is locked if there are too many failed login attempts. Default is 10 minutes. |
| − | * '''<code>reset_request_recent_hours</code>''' - Number of hours before another password request email can be sent. Assuming the password was not reset by the previous email. This prevents users being incessantly spammed by unsolicited password reset emails. Default is 24 hours. | + | * '''<code>$c->{reset_request_recent_hours}</code>''' - Number of hours before another password request email can be sent. Assuming the password was not reset by the previous email. This prevents users being incessantly spammed by unsolicited password reset emails. Default is 24 hours. |
| − | * '''<code>max_account_requests</code>''' - Maximum number of accounts tht can be requested in a set period. Default is 100. | + | * '''<code>$c->{max_account_requests}</code>''' - Maximum number of accounts tht can be requested in a set period. Default is 100. |
| − | * '''<code>max_account_requests_minutes</code>''' - Number of minutes for which no more than the <code>max_account_requests</code> can be requested. Default is 60 minutes. | + | * '''<code>$c->{max_account_requests_minutes}</code>''' - Number of minutes for which no more than the <code>max_account_requests</code> can be requested. Default is 60 minutes. |
Revision as of 00:00, 31 January 2022
EPrints 3 Reference: Directory Structure - Metadata Fields - Repository Configuration - XML Config Files - XML Export Format - EPrints data structure - Core API - Data Objects
user_auth_limits.pl contains configuration that places limits on aspects of user authentication. It contains the following configuration options:
$c->{max_login_attempts?- Maximum number of failed login attempts before the account is locked. Default is 10.$c->{lockout_minutes}- How long an account is locked if there are too many failed login attempts. Default is 10 minutes.$c->{reset_request_recent_hours}- Number of hours before another password request email can be sent. Assuming the password was not reset by the previous email. This prevents users being incessantly spammed by unsolicited password reset emails. Default is 24 hours.$c->{max_account_requests}- Maximum number of accounts tht can be requested in a set period. Default is 100.$c->{max_account_requests_minutes}- Number of minutes for which no more than themax_account_requestscan be requested. Default is 60 minutes.
