General Documentation
February 19, 2018User Management
February 20, 2018Registration Settings
Updated: 4.3.14
The registration settings of the Admin Panel is a very important aspect to the life of your project. From here, you can disable the entire registration process (include for OAuth Users) or enable it, and modify the options as such. Disabling registration replaces the join page with a message indicating registration is not available. This message can be modified by changing the file /users/views/_joinDisabled.php.
Two FA
Default: Disabled. Two FA is available, and for the most part is complete as of version 4.3.14, we have a few minor upgrades to do, but otherwise it will work well for any project. Two Factor Auth includes the settings within the account settings panel for your users to enroll. Upon sign in, users with Two FA enabled will be redirected to twofa.php the variable 'twofa' will be set and only unset when Two FA is passed or the session is destroyed. Upon passing Two FA which is verified by users/api/index.php, they will be redirected to the location they were coming from, or the locations set from your login scripts (either the default, or what you set in custom_login_script.php. The three settings for Two FA are Disabled, Enabled and Disabled and Reset. Disabled and Reset will turn off Two FA, and reset all existing users back to a null value of twoKey and twoEnabled to 0. This means users will have to re-enroll in Two FA via the Account Panel.
Allow users to change their usernames
Default: Disabled. This prohibits, allows, or restricts username changes from user_settings.php.
Auto Assign Usernames
Although will hopefully allow custom hooks in the future, auto-assign usernames removes the username field from both the join form and the manual user creation modal. Usernames will be sent to the user via email (if verification emails are enabled) and are done in this format and stops where no duplication occurs:
-first initial, last name
-first name, last initial
-email (no duplication SHOULD occur, registration SHOULD fail)
Password strength and form validation settings are self-explanatory.
As always, if you have any questions, visit the UserSpice Forums or Discord Server!