forked from kbase/auth2
-
Notifications
You must be signed in to change notification settings - Fork 0
/
adminconfig.mustache
141 lines (113 loc) · 4.91 KB
/
adminconfig.mustache
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
<html>
<body>
<h2>Server Configuration</h2>
<p><strong>It will take up to {{updatetimesec}} seconds for configuration changes to synch to other
server instances.</strong></p>
<form action="{{reseturl}}" method="post">
<input type="submit" value="Reset to defaults"/>
</form>
<h3>Basic</h3>
<form action="{{cfgbasicurl}}" method="post">
<p>Allow non-admin login. Disabling this does not stop currently logged-in users from using the
system:
<input type="checkbox" name="allowlogin" {{#allowlogin}}checked{{/allowlogin}}/>
</p>
<p>Show stack trace in returned errors:
<input type="checkbox" name="showstack" {{#showstack}}checked{{/showstack}}/><br/>
The stack trace is always logged.
</p>
<p>Ignore the X-Forwarded-For and X-Real-IP headers when determining IP addresses:
<input type="checkbox" name="ignoreip" {{#ignoreip}}checked{{/ignoreip}}/>
</p>
<p>Allowed post-login redirect URL prefix:
<input type="text" name="allowedloginredirect" size=50
{{#allowedloginredirect}}value="{{.}}"{{/allowedloginredirect}}/>
</p>
<p>Redirect URL when a user cannot be logged in immediately after return from 3rd party provider,
e.g. a choice of accounts is required or an account must be created.
<input type="text" name="completeloginredirect" size=50
{{#completeloginredirect}}value="{{.}}"{{/completeloginredirect}}/>
</p>
<p>Redirect URL after an account link (usually to a user page showing their identities).
<input type="text" name="postlinkredirect" size=50
{{#postlinkredirect}}value="{{.}}"{{/postlinkredirect}}/>
</p>
<p>Redirect URL when a user account cannot be linked immediately after return from 3rd party
provider, e.g. a choice of accounts is required.
<input type="text" name="completelinkredirect" size=50
{{#completelinkredirect}}value="{{.}}"{{/completelinkredirect}}/>
</p>
<input type="reset" value="Reset"/>
<input type="submit" value="Update"/>
</form>
<h3>Token lifetimes</h3>
<form action="{{tokenurl}}" method="post">
<p>Suggested cache lifetime (minutes):
<input type="number" name="tokensugcache" {{#tokensugcache}}value="{{.}}"{{/tokensugcache}}/>
</p>
<p>Login token (days):
<input type="number" name="tokenlogin" {{#tokenlogin}}value="{{.}}"{{/tokenlogin}}/>
</p>
<p>Agent token (days):
<input type="number" name="tokenagent" {{#tokenagent}}value="{{.}}"{{/tokenagent}}/>
</p>
<p>Developer token (days):
<input type="number" name="tokendev" {{#tokendev}}value="{{.}}"{{/tokendev}}/>
</p>
<p>Server token (days):
<input type="number" name="tokenserv" {{#tokenserv}}value="{{.}}"{{/tokenserv}}/>
</p>
<input type="reset" value="Reset"/>
<input type="submit" value="Update"/>
</form>
<h3>Environments</h3>
{{#environments}}
<h4>{{environment}}</h4>
<form action="{{environmenturl}}" method="post">
<input type="hidden" name="environment" value="{{environment}}"/>
<p>Allowed post-login redirect URL prefix:
<input type="text" name="allowedloginredirect" size=50
{{#allowedloginredirect}}value="{{.}}"{{/allowedloginredirect}}/>
</p>
<p>Redirect URL when a user cannot be logged in immediately after return from 3rd party provider,
e.g. a choice of accounts is required or an account must be created.
<input type="text" name="completeloginredirect" size=50
{{#completeloginredirect}}value="{{.}}"{{/completeloginredirect}}/>
</p>
<p>Redirect URL after an account link (usually to a user page showing their identities).
<input type="text" name="postlinkredirect" size=50
{{#postlinkredirect}}value="{{.}}"{{/postlinkredirect}}/>
</p>
<p>Redirect URL when a user account cannot be linked immediately after return from 3rd party
provider, e.g. a choice of accounts is required.
<input type="text" name="completelinkredirect" size=50
{{#completelinkredirect}}value="{{.}}"{{/completelinkredirect}}/>
</p>
<input type="reset" value="Reset"/>
<input type="submit" value="Update"/>
</form>
{{/environments}}
<h3>Identity Providers</h3>
{{#providers}}
<h4>{{provider}}</h4>
<form action="{{providerurl}}" method="post">
<input type="hidden" name="provider" value="{{provider}}"/>
<p>Enabled: <input type="checkbox" name="enabled" {{#enabled}}checked{{/enabled}}/>
</p>
<p>When linking accounts show link choices even if there's only one choice:
<input type="checkbox" name="forcelinkchoice" {{#forcelinkchoice}}checked{{/forcelinkchoice}}/>
</p>
<p>On login show login choices even if there's only one choice:
<input type="checkbox" name="forceloginchoice" {{#forceloginchoice}}checked{{/forceloginchoice}}/></br>
Select this option if a custom UI is setting its own login cookies. The server will then always
redirect to the UI prior to logging in a user (but after processing the return from the identity
provider), so the UI can then use JSON endpoints that don't set a cookie with a login token.</br>
Also set this option if users must agree to policy documents prior to login and the IDs of the
policy documents should be stored in the auth server.
</p>
<input type="reset" value="Reset"/>
<input type="submit" value="Update"/>
</form>
{{/providers}}
</body>
</html>