Enabling Logins

Requirements

To enable logins in your instance of Password Pusher, you must have an SMTP server available to send emails through. These emails are sent for events such as password reset, unlock, registration etc..

To use logins, you should be running a database backed version of Password Pusher. Logins will likely work in an ephemeral setup but doesn’t make much sense given that data is wiped with every container restart.

Environment Variables

All of the following environments need to be set (except SMTP authentication if none) for application logins to function properly.

Note: Remember that instead of environment variables, which can get hard to maintain, Password Pusher also supports configuration by YAML file.

Environment Variable Description Default
PWP__ENABLE_LOGINS On/Off switch for logins. false
PWP__ALLOW_ANONYMOUS When false, requires a login for the front page (to push new passwords). Secret URLs can still be accessed anonymously. true
PWP__MAIL__RAISE_DELIVERY_ERRORS Email delivery errors will be shown in the application true
PWP__MAIL__SMTP_ADDRESS Allows you to use a remote mail server. Just change it from its default “localhost” setting. smtp.domain.com
PWP__MAIL__SMTP_PORT Port of the SMTP server 587
PWP__MAIL__SMTP_USER_NAME If your mail server requires authentication, set the username in this setting. smtp_username
PWP__MAIL__SMTP_PASSWORD If your mail server requires authentication, set the password in this setting. smtp_password
PWP__MAIL__SMTP_AUTHENTICATION If your mail server requires authentication, you need to specify the authentication type here. This is a string and one of :plain (will send the password in the clear), :login (will send password Base64 encoded) or :cram_md5 (combines a Challenge/Response mechanism to exchange information and a cryptographic Message Digest 5 algorithm to hash important information) plain
PWP__MAIL__SMTP_STARTTLS Use STARTTLS when connecting to your SMTP server and fail if unsupported. true
PWP__MAIL__SMTP_ENABLE_STARTTLS_AUTO Detects if STARTTLS is enabled in your SMTP server and starts to use it true
PWP__MAIL__OPEN_TIMEOUT Number of seconds to wait while attempting to open a connection. 10
PWP__MAIL__READ_TIMEOUT Number of seconds to wait until timing-out a read(2) call. 10
PWP__HOST_DOMAIN Used to build fully qualified URLs in emails. Where is your instance hosted? pwpush.com
PWP__HOST_PROTOCOL The protocol to access your Password Pusher instance. HTTPS advised. https
PWP__MAIL__MAILER_SENDER This is the “From” address in sent emails. ‘“Company Name” «user@example.com»’
PWP__DISABLE_SIGNUPS Once your user accounts are created, you can set this to disable any further user account creation. Sign up links and related backend functionality is disabled when true. false
PWP__SIGNUP_EMAIL_REGEXP The regular expression used to validate emails for new user signups. This can be modified to limit new account creation to a subset of domains. e.g. \A[^@\s]+@(hey\.com\|gmail\.com)\z. Tip: use https://rubular.com to test out your regular expressions. It includes a guide to what each component means in regexp. \A[^@\s]+@[^@\s]+\z

Shell Example

export PWP__ENABLE_LOGINS=true
export PWP__MAIL__RAISE_DELIVERY_ERRORS=true
export PWP__MAIL__SMTP_ADDRESS=smtp.mycompany.org
export PWP__MAIL__SMTP_PORT=587
export PWP__MAIL__SMTP_USER_NAME=yolo
export PWP__MAIL__SMTP_PASSWORD=secret
export PWP__MAIL__SMTP_AUTHENTICATION=plain
export PWP__MAIL__SMTP_STARTTLS=true
export PWP__MAIL__OPEN_TIMEOUT=10
export PWP__MAIL__READ_TIMEOUT=10
export PWP__HOST_DOMAIN=pwpush.mycompany.org
export PWP__HOST_PROTOCOL=https
export PWP__MAIL__MAILER_SENDER='"Spiderman" <thespider@mycompany.org>'

Troubleshooting

See Also

Users

Manually Adding Users

Generally you can use the Administration Dashboard to manage users through your browser but it is also possible to do this manually.

Adding a User

You can manually add users by opening an application console and running the following command:

User.create(email: 'user@example.com', password: 'mypassword', password_confirmation: 'mypassword')

This creates a new user account in the application ready to use.

Other Actions

To manually confirm an account:

user = User.find_by(email: 'user@example.com')
user.confirm

To send the user their confirmation instructions email:

user = User.find_by(email: 'user@example.com')
user.send_confirmation_instructions

To send a reset password insructions email:

user = User.find_by(email: 'user@example.com')
user.send_reset_password_instructions

To irrevocably delete a user:

user = User.find_by(email: 'user@example.com')
user.destroy

Warning: This is destructive and cannot be reversed. Make a backup of your database as a safety precaution.

Updated: