aboutsummaryrefslogtreecommitdiffhomepage
path: root/main/app/sprinkles/account/config
diff options
context:
space:
mode:
Diffstat (limited to 'main/app/sprinkles/account/config')
-rwxr-xr-xmain/app/sprinkles/account/config/default.php79
-rwxr-xr-xmain/app/sprinkles/account/config/production.php67
2 files changed, 146 insertions, 0 deletions
diff --git a/main/app/sprinkles/account/config/default.php b/main/app/sprinkles/account/config/default.php
new file mode 100755
index 0000000..e154643
--- /dev/null
+++ b/main/app/sprinkles/account/config/default.php
@@ -0,0 +1,79 @@
+<?php
+
+ /**
+ * Account configuration file for UserFrosting.
+ *
+ */
+
+ return [
+ 'debug' => [
+ 'auth' => false
+ ],
+ // configuration for the 'password reset' feature
+ 'password_reset' => [
+ 'algorithm' => 'sha512',
+ 'timeouts' => [
+ 'create' => 86400,
+ 'reset' => 10800
+ ]
+ ],
+ // See https://github.com/gbirke/rememberme for an explanation of these settings
+ 'remember_me' => [
+ 'cookie' => [
+ 'name' => 'rememberme'
+ ],
+ 'expire_time' => 604800,
+ 'session' => [
+ 'path' => '/'
+ ],
+ 'table' => [
+ 'tableName' => 'persistences',
+ 'credentialColumn' => 'user_id',
+ 'tokenColumn' => 'token',
+ 'persistentTokenColumn' => 'persistent_token',
+ 'expiresColumn' => 'expires_at'
+ ]
+ ],
+ 'reserved_user_ids' => [
+ 'guest' => -1,
+ 'master' => 1
+ ],
+ 'session' => [
+ // The keys used in the session to store info about authenticated users
+ 'keys' => [
+ 'current_user_id' => 'account.current_user_id', // the key to use for storing the authenticated user's id
+ 'captcha' => 'account.captcha' // Key used to store a captcha hash during captcha verification
+ ]
+ ],
+ // "Site" settings that are automatically passed to Twig
+ 'site' => [
+ 'login' => [
+ 'enable_email' => true
+ ],
+ 'registration' => [
+ 'enabled' => true,
+ 'captcha' => true,
+ 'require_email_verification' => true,
+ 'user_defaults' => [
+ 'locale' => 'en_US',
+ 'group' => 'terran',
+ // Default roles for newly registered users
+ 'roles' => [
+ 'user' => true
+ ]
+ ]
+ ]
+ ],
+ 'throttles' => [
+ 'check_username_request' => null,
+ 'password_reset_request' => null,
+ 'registration_attempt' => null,
+ 'sign_in_attempt' => null,
+ 'verification_request' => null
+ ],
+ // configuration for the 'email verification' feature
+ 'verification' => [
+ 'algorithm' => 'sha512',
+ 'timeout' => 10800
+ ]
+ ];
diff --git a/main/app/sprinkles/account/config/production.php b/main/app/sprinkles/account/config/production.php
new file mode 100755
index 0000000..b7c3288
--- /dev/null
+++ b/main/app/sprinkles/account/config/production.php
@@ -0,0 +1,67 @@
+<?php
+
+ /**
+ * Account production config file for UserFrosting. You may override/extend this in your site's configuration file to customize deploy settings.
+ *
+ */
+
+ return [
+ // See http://security.stackexchange.com/a/59550/74909 for the inspiration for our throttling system
+ 'throttles' => [
+ 'check_username_request' => [
+ 'method' => 'ip',
+ 'interval' => 3600,
+ 'delays' => [
+ 40 => 1000
+ ]
+ ],
+ 'password_reset_request' => [
+ 'method' => 'ip',
+ 'interval' => 3600,
+ 'delays' => [
+ 2 => 5,
+ 3 => 10,
+ 4 => 20,
+ 5 => 40,
+ 6 => 80,
+ 7 => 600
+ ]
+ ],
+ 'registration_attempt' => [
+ 'method' => 'ip',
+ 'interval' => 3600,
+ 'delays' => [
+ 2 => 5,
+ 3 => 10,
+ 4 => 20,
+ 5 => 40,
+ 6 => 80,
+ 7 => 600
+ ]
+ ],
+ 'sign_in_attempt' => [
+ 'method' => 'ip',
+ 'interval' => 3600,
+ 'delays' => [
+ 4 => 5,
+ 5 => 10,
+ 6 => 20,
+ 7 => 40,
+ 8 => 80,
+ 9 => 600
+ ]
+ ],
+ 'verification_request' => [
+ 'method' => 'ip',
+ 'interval' => 3600,
+ 'delays' => [
+ 2 => 5,
+ 3 => 10,
+ 4 => 20,
+ 5 => 40,
+ 6 => 80,
+ 7 => 600
+ ]
+ ]
+ ]
+ ];