nugrohoe_ku

App/Config/Auth.php

Jan 29th, 2021
  1. <?php namespace Config;
  2.  
  3. use CodeIgniter\Config\BaseConfig;
  4.  
/**
 * Application-level authentication settings, declared as a subclass of
 * \Myth\Auth\Config\Auth. Every member is a public property with a literal
 * default; the class contains no methods.
 *
 * Settings in this copy that a security review should look at first:
 *  - $allowRegistration is true while $requireActivation is false.
 *  - PwnedValidator is commented out of $passwordValidators.
 *  - The Argon2 cost literals differ from the PHP constants named beside them.
 *
 * NOTE(review): property declarations are left untyped; presumably they must
 * stay compatible with the parent class, which is not visible here.
 */
class Auth extends \Myth\Auth\Config\Auth
{
    /**
     * --------------------------------------------------------------------
     * Default User Group
     * --------------------------------------------------------------------
     *
     * The name of a group a user will be added to when they register,
     * i.e. $defaultUserGroup = 'guests'.
     *
     * NOTE(review): whatever permissions 'member' carries are granted to
     * every self-registered account; confirm that group is low-privilege.
     *
     * @var string
     */
    public $defaultUserGroup = 'member';

    /**
     * --------------------------------------------------------------------
     * Libraries
     * --------------------------------------------------------------------
     *
     * Map of authenticator alias to class name. Only 'local' is configured.
     *
     * @var array
     */
    public $authenticationLibs = [
        'local' => 'Myth\Auth\Authentication\LocalAuthenticator',
    ];

    /**
     * --------------------------------------------------------------------
     * Views used by Auth Controllers
     * --------------------------------------------------------------------
     *
     * The library's own views are kept below as commented-out entries; the
     * active entries point at the agungsugiarto\boilerplate views instead.
     *
     * @var array
     */
    public $views = [
        // 'login'         => 'Myth\Auth\Views\login',
        // 'register'       => 'Myth\Auth\Views\register',
        // 'forgot'       => 'Myth\Auth\Views\forgot',
        // 'reset'         => 'Myth\Auth\Views\reset',
        // 'emailForgot'     => 'Myth\Auth\Views\emails\forgot',
        // 'emailActivation' => 'Myth\Auth\Views\emails\activation',
        'login'           => 'agungsugiarto\boilerplate\Views\Authentication\login',
        'register'        => 'agungsugiarto\boilerplate\Views\Authentication\register',
        'forgot'          => 'agungsugiarto\boilerplate\Views\Authentication\forgot',
        'reset'           => 'agungsugiarto\boilerplate\Views\Authentication\reset',
        'emailForgot'     => 'agungsugiarto\boilerplate\Views\Authentication\emails\forgot',
        'emailActivation' => 'agungsugiarto\boilerplate\Views\Authentication\emails\activation',
    ];

    /**
     * --------------------------------------------------------------------
     * Layout for the views to extend
     * --------------------------------------------------------------------
     *
     * Unlike $views, this still names the library's own layout.
     *
     * @var string
     */
    public $viewLayout = 'Myth\Auth\Views\layout';

    /**
     * --------------------------------------------------------------------
     * Authentication
     * --------------------------------------------------------------------
     *
     * Fields that are available to be used as credentials for login.
     *
     * @var string[]
     */
    public $validFields = [
        'email',
        'username',
    ];

    /**
     * --------------------------------------------------------------------
     * Additional Fields for "Nothing Personal"
     * --------------------------------------------------------------------
     *
     * The `NothingPersonalValidator` prevents personal information from
     * being used in passwords. The email and username fields are always
     * considered by the validator. Do not enter those field names here.
     *
     * An extended User Entity might include other personal info such as
     * first and/or last names. `$personalFields` is where you can add
     * fields to be considered as "personal" by the NothingPersonalValidator.
     *
     * For example:
     *   $personalFields = ['firstname', 'lastname'];
     *
     * @var string[]
     */
    public $personalFields = [];

    /**
     * --------------------------------------------------------------------
     * Password / Username Similarity
     * --------------------------------------------------------------------
     *
     * Among other things, the NothingPersonalValidator checks the
     * amount of sameness between the password and username.
     * Passwords that are too much like the username are invalid.
     *
     * The value set for $maxSimilarity represents the maximum percentage
     * of similarity at which the password will be accepted. In other words, any
     * calculated similarity equal to, or greater than $maxSimilarity
     * is rejected.
     *
     * The accepted range is 0-100, with 0 (zero) meaning don't check similarity.
     * Using values at either extreme of the *working range* (1-100) is
     * not advised. The low end is too restrictive and the high end is too permissive.
     * The suggested value for $maxSimilarity is 50.
     *
     * You may be thinking that a value of 100 should have the effect of accepting
     * everything like a value of 0 does. That's logical and probably true,
     * but is unproven and untested. Besides, 0 skips the work involved in
     * making the calculation, unlike when using 100.
     *
     * The (admittedly limited) testing that's been done suggests a useful working range
     * of 50 to 60. You can set it lower than 50, but site users will probably start
     * to complain about the large number of proposed passwords getting rejected.
     * At around 60 or more it starts to see pairs like 'captain joe' and 'joe*captain' as
     * perfectly acceptable which clearly they are not.
     *
     *
     * To disable similarity checking set the value to 0.
     *    public $maxSimilarity = 0;
     *
     * @var int
     */
    public $maxSimilarity = 50;

    /**
     * --------------------------------------------------------------------
     * Allow User Registration
     * --------------------------------------------------------------------
     *
     * When enabled (default) any unregistered user may apply for a new
     * account. If you disable registration you may need to ensure your
     * controllers and views know not to offer registration.
     *
     * @var bool
     */
    public $allowRegistration = true;

    /**
     * --------------------------------------------------------------------
     * Require Confirmation Registration via Email
     * --------------------------------------------------------------------
     *
     * When enabled, every registered user will receive an email message
     * with an activation link to confirm the account.
     *
     * NOTE(review): the active value is false and the EmailActivator line is
     * commented out, so no activation step is configured. Together with
     * $allowRegistration = true, new accounts presumably become usable
     * without proving control of the email address they registered with.
     * Confirm this is intended before deploying.
     *
     * @var string|false Name of the ActivatorInterface class, or false to disable
     */
    // public $requireActivation = 'Myth\Auth\Authentication\Activators\EmailActivator';
    public $requireActivation = false;

    /**
     * --------------------------------------------------------------------
     * Allow Password Reset via Email
     * --------------------------------------------------------------------
     *
     * When enabled, users will have the option to reset their password
     * via the specified Resetter. Default setting is email.
     *
     * @var string Name of the ResetterInterface class
     */
    public $activeResetter = 'Myth\Auth\Authentication\Resetters\EmailResetter';

    /**
     * --------------------------------------------------------------------
     * Allow Persistent Login Cookies (Remember me)
     * --------------------------------------------------------------------
     *
     * While every attempt has been made to create a very strong protection
     * with the remember me system, there are some cases (like when you
     * need extreme protection, like dealing with users financials) that
     * you might not want the extra risk associated with this cookie-based
     * solution.
     *
     * Disabled in this configuration.
     *
     * @var bool
     */
    public $allowRemembering = false;

    /**
     * --------------------------------------------------------------------
     * Remember Length
     * --------------------------------------------------------------------
     *
     * The amount of time, in seconds, that you want a login to last for.
     * Defaults to 30 days.
     *
     * DAY is not defined in this file; presumably it is the framework's
     * seconds-per-day constant. The value presumably has no effect while
     * $allowRemembering is false.
     *
     * @var int
     */
    public $rememberLength = 30 * DAY;

    /**
     * --------------------------------------------------------------------
     * Error handling
     * --------------------------------------------------------------------
     *
     * If true, will continue instead of throwing exceptions.
     *
     * @var bool
     */
    public $silent = false;

    /**
     * --------------------------------------------------------------------
     * Encryption Algorithm to Use
     * --------------------------------------------------------------------
     *
     * Despite the heading, the PASSWORD_* constants listed here are PHP's
     * one-way password hashing algorithms, not reversible encryption.
     *
     * Valid values are
     * - PASSWORD_DEFAULT (default)
     * - PASSWORD_BCRYPT
     * - PASSWORD_ARGON2I  - As of PHP 7.2 only if compiled with support for it
     * - PASSWORD_ARGON2ID - As of PHP 7.3 only if compiled with support for it
     *
     * If you choose to use any ARGON algorithm, then you might want to
     * adjust the "ARGON2i/D Algorithm" options below to suit your needs.
     *
     * @var string|int
     */
    public $hashAlgorithm = PASSWORD_DEFAULT;

    /*
     * --------------------------------------------------------------------
     * ARGON2i/D Algorithm options
     * --------------------------------------------------------------------
     *
     * The ARGON2I method of hashing allows you to define the "memory_cost",
     * the "time_cost" and the number of "threads", whenever a password hash is
     * created.
     *
     * Depending on the security needs of your application and the power of
     * your hardware, you might want to increase these costs. This makes the
     * hashing process take longer.
     *
     * NOTE(review): the literals below are not the PHP constants named in
     * their trailing comments. PHP's built-in defaults are a memory cost of
     * 65536 (KiB), a time cost of 4 and 1 thread, so a memory cost of 2048
     * is far weaker than the built-in default. Revisit these values before
     * switching $hashAlgorithm to an Argon2 variant.
     */

    /** @var int */
    public $hashMemoryCost = 2048; // PASSWORD_ARGON2_DEFAULT_MEMORY_COST;

    /** @var int */
    public $hashTimeCost = 4; // PASSWORD_ARGON2_DEFAULT_TIME_COST;

    /** @var int */
    public $hashThreads = 4; // PASSWORD_ARGON2_DEFAULT_THREADS;

    /**
     * --------------------------------------------------------------------
     * Password Hashing Cost
     * --------------------------------------------------------------------
     *
     * The BCRYPT method of hashing allows you to define the "cost"
     * or number of iterations made, whenever a password hash is created.
     * This defaults to a value of 10 which is an acceptable number.
     * However, depending on the security needs of your application
     * and the power of your hardware, you might want to increase the
     * cost. This makes the hashing process take longer.
     *
     * Valid range is between 4 - 31.
     *
     * NOTE(review): PHP 8.4 raised its own bcrypt default cost from 10 to
     * 12. Benchmark on the production host and raise this value as far as
     * login latency allows.
     *
     * @var int
     */
    public $hashCost = 10;

    /**
     * --------------------------------------------------------------------
     * Minimum Password Length
     * --------------------------------------------------------------------
     *
     * The minimum length that a password must be to be accepted.
     * Recommended minimum value by NIST = 8 characters.
     *
     * @var int
     */
    public $minimumPasswordLength = 8;

    /**
     * --------------------------------------------------------------------
     * Password Check Helpers
     * --------------------------------------------------------------------
     *
     * The PasswordValidator class runs the password through all of these
     * classes, each getting the opportunity to pass/fail the password.
     *
     * You can add custom classes as long as they adhere to the
     * Password\ValidatorInterface.
     *
     * NOTE(review): PwnedValidator is commented out, so, going by its name,
     * candidate passwords are not checked against known-breach data.
     * Enabling it presumably requires outbound network access from the
     * application host. Confirm and enable if the deployment allows it.
     *
     * @var string[]
     */
    public $passwordValidators = [
        'Myth\Auth\Authentication\Passwords\CompositionValidator',
        'Myth\Auth\Authentication\Passwords\NothingPersonalValidator',
        'Myth\Auth\Authentication\Passwords\DictionaryValidator',
        // 'Myth\Auth\Authentication\Passwords\PwnedValidator',
    ];

    /**
     * --------------------------------------------------------------------
     * Activator classes
     * --------------------------------------------------------------------
     *
     * Available activators with config settings
     *
     * NOTE(review): 'fromEmail' and 'fromName' are null; presumably the
     * sender then comes from the application's email configuration. Verify.
     *
     * @var array
     */
    public $userActivators = [
        'Myth\Auth\Authentication\Activators\EmailActivator' => [
            'fromEmail' => null,
            'fromName' => null,
        ],
    ];

    /**
     * --------------------------------------------------------------------
     * Resetter Classes
     * --------------------------------------------------------------------
     *
     * Available resetters with config settings
     *
     * NOTE(review): 'fromEmail' and 'fromName' are null; presumably the
     * sender then comes from the application's email configuration. Verify.
     *
     * @var array
     */
    public $userResetters = [
        'Myth\Auth\Authentication\Resetters\EmailResetter' => [
            'fromEmail' => null,
            'fromName' => null,
        ],
    ];

    /**
     * --------------------------------------------------------------------
     * Reset Time
     * --------------------------------------------------------------------
     *
     * The amount of time that a password reset-token is valid for,
     * in seconds. 3600 seconds is one hour.
     *
     * @var int
     */
    public $resetTime = 3600;
}
  345.  