<title>QWC DB authentication service</title>

QWC DB authentication service

Type: object

JSON Schema

Type: stringFormat: uri Default: "https://raw.githubusercontent.com/qwc-services/qwc-db-auth/master/schemas/qwc-db-auth.json"

Reference to JSON schema of this config

Service name

Type: const
Specific value: "db-auth"

Config options

Type: object

Type: string

DB connection URL

Type: string

The name of the DB schema which stores the qwc config. Default: qwc_config

Type: integer

Min password length. Default: 8

Type: integer

Max password length, or -1 to disable. Default: -1

Type: array of string

List of RegExes for additional password constraints. Default: []

No Additional Items

Each item of this array must be:

Type: integer

Min number of password_constraints to match for password to be valid. Default: 0

Type: string

Validation message if password constraints are not met. Default: Password does not match constraints

Type: integer

Number of days until password expires, or -1 to disable. Default: -1

Type: integer

Show an expiry notice within this number of days before a password expires, or -1 to disable. Default: -1

Type: integer

Min number of seconds before password may be changed again, or -1 to disable. Default: -1

Type: boolean

Set whether previous passwords may be reused or not. Default: true

Type: array of string

List of user info fields to include in JWT identity. Default: []

No Additional Items

Each item of this array must be:

Type: string

URL to a logo image to show in the login form. Default: null

Type: string

URL to a background image for the login page. Default: null

Type: string

URL of custom stylesheet. Default: null

Type: string

URL to terms of use. Default: null


Login hint text, shown above login form fields. Either a string, or dictionary {"<lang>": "<text>"}. When providing a dictionary, the entry matching the current locale will be searched, with fallback to en if no entry for the current locale exists, and fallback to an empty string if no en entry exists. Default: null

Type: string
Type: object

All properties whose name matches the following regular expression must respect the following conditions

Property name regular expression: ^[a-z]{2}$
Type: string

Type: boolean

Whether 'username' and 'password', and possibly additional parameters, are passed as POST parameters. Additional parameters are appended to the target url query. Default: false

Type: integer

Maximum login attempts before login is blocked. Default: 20

Type: boolean

Enable two factor authentication using TOTP. Default: false

Type: boolean

Whether to enable two-factor authentication using TOTP for admin. Default: false

Type: string

Issuer name for QR code URI. Default: QWC Services

Type: integer

How many seconds an IP will remain in the blacklist. See also ip_blacklist_max_attempt_count. Default: 300

Type: integer

After how many failed login attempts an IP will be blacklisted. Should be less than max_login_attempts. See also ip_blacklist_duration. Default: 10

Type: boolean

Whether to force users to change the password on first login. Default: false