Actions

Translations

Manage users/60/en: Difference between revisions

From LimeSurvey Manual

(Importing a new version from external source)
(Importing a new version from external source)
 
Line 1: Line 1:
'''Things to watch out for:'''
'''Things to watch out for:'''
* To enable this login method, the line [[Optional settings#Use_one_time_passwords|<code>$use_one_time_passwords = false;</code>]] has to be set <code>true</code> in config.php (it is 'false' by default).
* To enable this login method, the line [[Optional settings#Use_one_time_passwords|<code>'use_one_time_passwords' => true</code>]] has to be added in config.php (it is 'false' by default).
* The passed username has to exist in LimeSurvey's ''users table''.
* The passed username has to exist in the LimeSurvey ''users table''.
* The one-time password (which can be set via an external application) has to be stored as [https://secure.php.net/manual/en/function.md5.php MD5 hash] in column ''one_time_pw'' of table ''users''.
* The one-time password (which can be set via an external application) has to be stored as [https://secure.php.net/manual/en/function.md5.php MD5 hash] in the column ''one_time_pw'' of table ''users''.
* (This should be ignored except "Both passwords have to match") The passed plain text password will be hashed using the sha256 function and will then be compared to the stored hash in column ''one_time_pw'' of table ''users''. Both passwords have to match.
* The passed plain text password will be hashed using the sha256 function and will then compared to the stored hash in column ''one_time_pw'' of table ''users''. Both passwords have to match.
* After the first login with the one-time password, it gets deleted from the database. The user won't be able to log in anymore with that respective password a second time.
* After the first login with the one-time password, it gets deleted from the database. The user won't be able to log in with that respective password a second time.
* My local LS system can't test the permissions with different accounts (my email password does not have a way to be connected).

Latest revision as of 17:38, 3 May 2022

Message definition (Manage users)
'''Things to watch out for:'''
* To enable this login method, the line [[Optional settings#Use_one_time_passwords|<code>'use_one_time_passwords' => true</code>]] has to be added in config.php (it is 'false' by default).
* The passed username has to exist in the LimeSurvey ''users table''.
* The one-time password (which can be set via an external application) has to be stored as [https://secure.php.net/manual/en/function.md5.php MD5 hash] in the column ''one_time_pw'' of table ''users''.
* The passed plain text password will be hashed using the sha256 function and will then compared to the stored hash in column ''one_time_pw'' of table ''users''. Both passwords have to match.
* After the first login with the one-time password, it gets deleted from the database. The user won't be able to log in with that respective password a second time.

Things to watch out for:

  • To enable this login method, the line 'use_one_time_passwords' => true has to be added in config.php (it is 'false' by default).
  • The passed username has to exist in the LimeSurvey users table.
  • The one-time password (which can be set via an external application) has to be stored as MD5 hash in the column one_time_pw of table users.
  • The passed plain text password will be hashed using the sha256 function and will then compared to the stored hash in column one_time_pw of table users. Both passwords have to match.
  • After the first login with the one-time password, it gets deleted from the database. The user won't be able to log in with that respective password a second time.
Retrieved from "http://manual.limesurvey.org/index.php?title=Translations:Manage_users/60/en&oldid=173662"