1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
Updated on september 6, 2022
1°) To send automatically a validation code to a new user
- You need sSMTP to send emails (please read MAILINGCODE)
- Run ciwiki with the option -s ( ciwiki -s )
2°) To send manually a validation code to a new user
- New user demand are stored in the file ~/newwikiusers.txt
Record fields are:
U:Username P:Password M:user@mail.com I:ip address T:time C:validation code
The validation code is generated from the username and the email address.
So the new user has the possibility to create his accound with another password
the condition is that he doesn't change his username, his email address and
the validation code. As soon as the account is created, the passwords is crypted and
stored in ./ciwiki/permission/.login.txt
The webmaster have to check if a new user was recorded in the file ~/newwikiusers.txt,
and to eturn by email to the new user his username, email address, validation code and
eventually his password.
Finaly, the webmaster can delete the record in ~/newwikiusers.txt.
3°) Login
- After 3 wrong login attempts (wrong password) the login procedure is locked for 4 minutes.
Number of allowed attempts and lockdown duration can be changed (ciwiki options -L and -D).
- The login requires the username and the password, both between 8 and 24 characters.
Space are not allowed, any other chars are possible.
The other fields (email,code) are only used to open an account.
- A new user will have to enter its username, password and email address. These info
are stored in ~/newwikiusers.txt , for example:
U:Gladiator P:Extrem125 M:inphilly@gmail.com I:127.0.0.1 T:21151948 C:43b002e6240
The user "Gladiator" will have to be contacted by email "yourlogin@gmail.com" with
these infos: username "Gladiator" password "Extrem125" and access code "43b002e6240"
- The host computer (127.0.0.1) is automatically logged with the option -a ( ciWiki -a )
- It's possible to have a list of unwanted ip address. Go in the folder ./ciwiki/permission
and create a file .unwanted.txt (don't forget the dot to hide the file else that will not work)
and write one line for each forbidden ip.
- passwords are crypted and stored in ./ciwiki/permission/.login.txt
4°) Login to access to ciwiki
To secure the access to ciwiki, run ciwiki with the option --secure or --secure=key=access_code.
The first page of ciwiki will be a login page and the user will not have the possibility to get
any other page if he is not logged in.
If the option is --secure=key=access_code, the user will have to enter his username, password and
the access_code.
Limitation: Because new user cannot access to ciwiki without password, the webmaster will have to
provide an username and a password to new user. The solution is to run two instances of ciwiki.
One instance is not --secure and contains only the welcome page inviting to create an account.
The other instance is --secure and contains all the wikipages.
LOGIN FEATURES:
***************
- Pages cannot be edited or deleted if the user is not logged.
- Page or part of the page can be hidden with the tag {{ private }}
Note: If after 30mn a page has not been opened then the ip is canceled, and the user will
have to login again.
|
