2015-02-05 21:39:52 -06:00
< ? php
2017-10-21 01:40:00 -05:00
/**
* auth . php
2020-03-17 11:06:30 -05:00
* Copyright ( c ) 2019 james @ firefly - iii . org .
2017-10-21 01:40:00 -05:00
*
2019-10-01 23:38:00 -05:00
* This file is part of Firefly III ( https :// github . com / firefly - iii ) .
2017-10-21 01:40:00 -05:00
*
2019-10-01 23:38:00 -05:00
* This program is free software : you can redistribute it and / or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation , either version 3 of the
* License , or ( at your option ) any later version .
2017-10-21 01:40:00 -05:00
*
2019-10-01 23:38:00 -05:00
* This program is distributed in the hope that it will be useful ,
2017-10-21 01:40:00 -05:00
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
2019-10-01 23:38:00 -05:00
* GNU Affero General Public License for more details .
2017-10-21 01:40:00 -05:00
*
2019-10-01 23:38:00 -05:00
* You should have received a copy of the GNU Affero General Public License
* along with this program . If not , see < https :// www . gnu . org / licenses />.
2017-10-21 01:40:00 -05:00
*/
2017-09-14 10:40:02 -05:00
declare ( strict_types = 1 );
2022-12-29 12:43:43 -06:00
if ( 'ldap' === strtolower (( string ) env ( 'AUTHENTICATION_GUARD' ))) {
2022-03-19 05:19:58 -05:00
die ( 'LDAP is no longer supported by Firefly III v5.7+. Sorry about that. You will have to switch to "remote_user_guard", and use tools like Authelia or Keycloak to use LDAP together with Firefly III.' );
2021-11-13 10:00:22 -06:00
}
2021-10-23 02:37:15 -05:00
2017-09-09 15:32:11 -05:00
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication " guard " and password
| reset options for your application . You may change these defaults
| as required , but they ' re a perfect start for most applications .
|
*/
2017-08-18 14:08:51 -05:00
2020-07-30 23:50:57 -05:00
'defaults' => [
2020-06-10 23:55:13 -05:00
'guard' => envNonEmpty ( 'AUTHENTICATION_GUARD' , 'web' ),
2016-01-08 08:59:21 -06:00
'passwords' => 'users' ,
],
2020-07-30 23:50:57 -05:00
'guard_header' => envNonEmpty ( 'AUTHENTICATION_GUARD_HEADER' , 'REMOTE_USER' ),
2020-10-03 00:03:41 -05:00
'guard_email' => envNonEmpty ( 'AUTHENTICATION_GUARD_EMAIL' , null ),
2017-09-09 15:32:11 -05:00
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next , you may define every authentication guard for your application .
| Of course , a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider .
|
| All authentication drivers have a user provider . This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user ' s data .
|
| Supported : " session " , " token "
|
*/
'guards' => [
2020-06-10 23:55:13 -05:00
'web' => [
2017-11-15 04:33:07 -06:00
'driver' => 'session' ,
2016-01-08 08:59:21 -06:00
'provider' => 'users' ,
],
2020-06-10 23:55:13 -05:00
'remote_user_guard' => [
'driver' => 'remote_user_guard' ,
'provider' => 'remote_user_provider' ,
],
'api' => [
2018-02-04 01:14:03 -06:00
'driver' => 'passport' ,
2016-01-08 08:59:21 -06:00
'provider' => 'users' ,
],
],
2017-09-09 15:32:11 -05:00
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider . This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user ' s data .
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table . These sources may then
| be assigned to any extra authentication guards you have defined .
|
| Supported : " database " , " eloquent "
|
*/
2016-01-08 08:59:21 -06:00
'providers' => [
2020-06-10 23:55:13 -05:00
'users' => [
2022-03-29 08:01:12 -05:00
'driver' => 'eloquent' ,
'model' => FireflyIII\User :: class ,
2016-01-08 08:59:21 -06:00
],
2020-06-10 23:55:13 -05:00
'remote_user_provider' => [
'driver' => 'remote_user_provider' ,
'model' => FireflyIII\User :: class ,
],
2016-01-08 08:59:21 -06:00
],
2017-09-09 15:32:11 -05:00
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types .
|
| The expire time is the number of minutes that the reset token should be
| considered valid . This security feature keeps tokens short - lived so
| they have less time to be guessed . You may change this as needed .
|
*/
2016-01-08 08:59:21 -06:00
'passwords' => [
'users' => [
'provider' => 'users' ,
2017-11-15 04:33:07 -06:00
'table' => 'password_resets' ,
'expire' => 60 ,
2021-10-03 11:18:44 -05:00
'throttle' => 300 , // Allows a user to request 1 token per 300 seconds
2016-01-08 08:59:21 -06:00
],
2015-06-27 01:06:24 -05:00
],
2020-06-06 15:25:52 -05:00
/*
|--------------------------------------------------------------------------
| Password Confirmation Timeout
|--------------------------------------------------------------------------
|
| Here you may define the amount of seconds before a password confirmation
| times out and the user is prompted to re - enter their password via the
| confirmation screen . By default , the timeout lasts for three hours .
|
*/
'password_timeout' => 10800 ,
2015-02-05 21:39:52 -06:00
];