QuickStartForAuthUser

Summary: Just a quick guide for people to set up AuthUser to lock down their site.
Version: 1.0
Prerequisites: pmwiki
Status: beta
Maintainer: XES
License: CC0
Users: +3
Categories: Uncategorized

Questions answered by this recipe

Description

A quick way to lock down your wiki but still allow authenticated users to edit your website.

Notes

Quick start for AuthUser authentication in PmWiki

This is a quick guide to using the AuthUser system in PmWiki. We will create a group of admins for the website, starting with only one admin (yourname).

For more documentation, see http://pmwiki.org/wiki/PmWiki/AuthUser

  • Temporarily protect the admin functions of your wiki by adding an admin password to PmWiki. This won't be permanent. Add this to config.php:
    $DefaultPasswords['admin'] = crypt('itsmytemporarysecret');

For versions prior to 2.2.0-beta58 do the following:

  1. Edit the Site/AuthUser page's visibility by going to http://yourwiki.com/pmwiki.php?n=Site/AuthUser&action=attr, then put "@admins" in the "read" field.
  2. Edit your Site/AuthUser page and add yourself to the page as an admin:
    @admins: yourname
  3. Now you can add your password to the page also:
    yourname: (:encrypt YourPassword:)
  4. When the page is saved, the password is stored in encrypted form, and no one can read it because you have already blocked reading of the page.

For version 2.2.0-beta58 and later do the following:

  1. Edit the SiteAdmin/AuthUser page's visibility by going to http://yourwiki.com/pmwiki.php?n=SiteAdmin/AuthUser&action=attr, then put "@admins" in the "read" field.
  2. Edit your SiteAdmin/AuthUser page and add yourself to the page as an admin:
    @admins: yourname
  3. Now you can add your password to the page also:
    yourname: (:encrypt YourPassword:)
  4. Now that you can log in as an admin, you can turn the AuthUser system on. Add this to config.php:
    include_once("$FarmD/scripts/authuser.php");
  5. Then you need to change the admin password for the system to allow @admins group members to administer the site. Add this to config.php:
    $DefaultPasswords['admin'] = '@admins';
  6. Add a line so that only people with an id/username can edit the site:
    $DefaultPasswords['edit'] = 'id:*';
  7. That is enough to lock the system down and get you started with AuthUser. The admin can assign usernames and passwords by using:
    username: (:encrypt UserPassword:)
  8. And new admin users can be assigned to the @admins group by any current admin by adding their name to the list:
    @admins: yourname,username

Once this is done, you may add normal users by adding their username/password to the page, but do NOT add them to the @admins group. You may create other user groups and group users under them at any time. To have a group with another name, such as @moderators, administer the system, follow the same directions and change the group name that has admin permissions in config.php.
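
A way to check the result of the steps above, as an added example that is not part of the original recipe or of PmWiki: a Python audit that reads config.php and the AuthUser page source as plain text and reports leftovers such as the temporary crypt() password or an unconverted (:encrypt:) directive. The function name, the sample inputs and the placeholder hash are constructed for illustration, and only the two line forms shown in this recipe (`@group: members` and `name: password`) are parsed.

```python
import re

ASSIGN = re.compile(r"^[ \t]*\$DefaultPasswords\['(\w+)'\]\s*=\s*(.+?);[ \t]*$", re.M)
INCLUDE = re.compile(r"^[ \t]*include_once\(.*scripts/authuser\.php", re.M)
ENTRY = re.compile(r"^[ \t]*(@?[\w.-]+)[ \t]*:[ \t]*(.*?)[ \t]*$", re.M)

def audit_lockdown(config_php, authuser_page):
    """Return a list of findings; an empty list means the steps were completed."""
    findings, levels = [], {}
    for level, value in ASSIGN.findall(config_php):
        levels[level] = value.strip("'\"")      # later assignments win, as in PHP
        if "crypt(" in value:
            findings.append(f"config.php still contains a plaintext {level} password in crypt()")
    if not INCLUDE.search(config_php):
        findings.append("scripts/authuser.php is not included")
    admin = levels.get("admin", "")
    if not admin.startswith("@"):
        findings.append("admin access is not assigned to an AuthUser group")
    if levels.get("edit") != "id:*":
        findings.append("edit is not limited to logged-in users (id:*)")
    entries = dict(ENTRY.findall(authuser_page))
    for name, value in entries.items():
        if "(:encrypt" in value:
            findings.append(f"{name}: (:encrypt:) was never converted, password is readable")
    members = [m.strip() for m in entries.get(admin, "").split(",") if m.strip()]
    if admin.startswith("@") and not members:
        findings.append(f"{admin} has no members")
    for member in members:
        if not entries.get(member):
            findings.append(f"{member} is in {admin} but has no password entry")
    return findings

# Constructed inputs: a half-finished setup and the finished one.
HALF_DONE = """
$DefaultPasswords['admin'] = crypt('itsmytemporarysecret');
include_once("$FarmD/scripts/authuser.php");
$DefaultPasswords['edit'] = 'id:*';
"""
FINISHED = """
include_once("$FarmD/scripts/authuser.php");
$DefaultPasswords['admin'] = '@admins';
$DefaultPasswords['edit'] = 'id:*';
"""
PAGE = """
@admins: yourname,username
yourname: $1$CONSTRUCTED$placeholderhash
username: (:encrypt UserPassword:)
"""
```

Calling `audit_lockdown(HALF_DONE, PAGE)` reports the temporary password, the missing group assignment and the unconverted directive; the crypt() finding is still reported when a later `'@admins'` line overrides it, because the secret remains in the file.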

Release Notes

Comments

See Discussion at QuickStartForAuthUser-Talk

See Also

Contributors