Authentication Configuration

The following is a list of all the preferences that can be set in application/config/

Preference Default Value Options Description
sAuthenticationConf["tables"]["users"]UsersNoneThe table name to use for the users table.
sAuthenticationConf["tables"]["groups"]GroupsNoneThe table name to use for the groups table.
sAuthenticationConf["tables"]["usersGroups"]UsersGroupsNoneThe table name to use for the users groups table.
sAuthenticationConf["tables"]["loginAttempts"]LoginAttemptsNoneThe table name to use for the login attempts table.
sAuthenticationConf["join"]["users"]userIdNoneUsers table column you want to join WITH.
sAuthenticationConf["join"]["groups"]groupIdNoneGroup table column you want to join WITH.
sAuthenticationConf["cipher"]bfSee LiveCode's cipherNames() function.Cipher used to encrypt passwords (see revIgniter's Encryption Library).
sAuthenticationConf["hashType"]SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA3-224, SHA3-256, SHA3-384, SHA3-512. Note: All types but SHA-1 require LC server 9.0.0 dp 7 or higher.Hash type to be used by the encryption library (see revIgniter's Encryption Library). The default value is empty which means SHA-1 will be used. This is for backwards compatibility. If you use server version 9.0.0 dp 7 or higher please chose a more secure flavor.
sAuthenticationConf["keyLength"]128See LiveCode's cipherNames() function.Key length used to encrypt passwords (see revIgniter's Encryption Library).
sAuthenticationConf["authEncryptionKey"]myKeyNoneAuthentication encryption key (see revIgniter's Encryption Library).
sAuthenticationConf["useAuthEncryptionKey"]TRUETRUE or FALSE (boolean)Set this to FALSE if you prefere to use revIgniter's universal encryption key as set in
sAuthenticationConf["siteTitle"]Example.comNoneThe title of your site, used for email.
sAuthenticationConf["adminEmail"]admin@example.comNoneYour administrator email address.
sAuthenticationConf["minLengthPassword"]8NoneMinimum required password length.
sAuthenticationConf["maxLengthPassword"]20NoneMaximum allowed password length.
sAuthenticationConf["emailActivation"]TRUETRUE or FALSE (boolean)Sets whether to require email user activation or not.
sAuthenticationConf["manualActivation"]FALSETRUE or FALSE (boolean)Sets whether to require manual user activation or not.
sAuthenticationConf["identityColumn"]emailNoneColumn to use for uniquely identifing users logging in etc. You should add an index in the users table for whatever you set this option to.
sAuthenticationConf["defaultGroup"]membersNoneName of the default user group.
sAuthenticationConf["defaultAdminGroup"]adminNoneName of the admin group.
sAuthenticationConf["rememberUsers"]TRUETRUE or FALSE (boolean)Allow users to be remembered and enable auto-login.
sAuthenticationConf["autoLoginExpire"]129600NoneHow long to remember the user for in seconds. Set to zero for no expiration.
sAuthenticationConf["userExtendOnLogin"]FALSETRUE or FALSE (boolean)Extend the users session expiration everytime they auto-login.
sAuthenticationConf["trackLoginAttempts"]TRUETRUE or FALSE (boolean)Track the number of failed login attempts for each user or ip.
sAuthenticationConf["maxLoginAttempts"]3NoneThe maximum number of failed login attempts. This maximum is not enforced by the library. If set to 0, there is no maximum.
sAuthenticationConf["forgotPasswordExpiration"]0NoneThe number of seconds after which a forgot password request will expire. If set to 0, forgot password requests will not expire.
sAuthenticationConf["enableAuthenticationHooks"]FALSETRUE or FALSE (boolean)Enable / disable authentication "hooks".
sAuthenticationConf["sendEmails"]TRUETRUE or FALSE (boolean)Send emails using revIgniters library. False means: The library returns identity, user id, email address and activation code.
sAuthenticationConf["emailConfig"]mailtype: html, protocol: sendmailfile or revIgniter's Email Library prefsUse "file" if you want emails to be sent using revIgniter's default configuration or, if present, an email config file. Use an array to manually set your email configuration.
sAuthenticationConf["pathToEmailTemplates"]None Path to your authentication mail templates relative to application/views/. Leave this BLANK unless you would like to set something other than the default emailTemplates/ folder.
sAuthenticationConf["emailActivate"]authActivate.lcNoneName of your account activation email template.
sAuthenticationConf["emailForgotPassword"]forgotPassword.lcNoneName of your forgotten password email template.
sAuthenticationConf["messagePrefix"]<p>NoneStarting delimiter for authentication related messages.
sAuthenticationConf["messageSuffix"]</p>NoneEnding delimiter for authentication related messages.
sAuthenticationConf["errorPrefix"]<p>NoneStarting delimiter for authentication related error messages.
sAuthenticationConf["errorSuffix"]</p>NoneEnding delimiter for authentication related error messages.

OTP preferences used for two-factor authentication:

Preference Default Value Options Description
sAuthenticationConf["otpEnabled"]FALSETRUE or FALSE (boolean)Determines the activation of OTP features.
sAuthenticationConf["tables"]["otp"]otpNoneThe name of the table used for storing shared secrets.
sAuthenticationConf["otpIssuer"]The IssuerNoneA string identifying a provider or service managing the user's account. Used to prevent collisions in case the same account is used for different providers.
sAuthenticationConf["otpAlgo"]SHA1SHA1, SHA256 or SHA512The type of cryptographic message digest the OTP algorithm is based on.
sAuthenticationConf["otpDigits"]66 or 8Determines the length of an OTP.
sAuthenticationConf["otpPeriod"]30NoneDefines a period that a TOTP code will be valid for.
sAuthenticationConf["otpTimeWindow"]2NoneA delay window to compare OTPs not only in the current period but also with the next and previous time steps.
sAuthenticationConf["otpQRecc"]ML, M, Q, H or XQR code error correction.
sAuthenticationConf["otpQRsize"]41 to 10 inclusivelySize of the QR code displayed.
sAuthenticationConf["otpQRmask"]Auto1 to 7 inclusively or AutoQR code mask pattern.

Note: If security is essential think about enabling CSRF cookies in application/config/