Revision 0.1Beta (2022-06-02)
About: Warning ! This plugin is currently in BETA, it may have bugs and missing features.
Allow a Two-factor Authentication by mail (by a 6 digit temporary code).
Make sure that your piwigo admin user email address is correct and that you have access to it before activating this plugin !
Work with a correct SMTP server linked to piwigo.
Changes: Working Beta of the plugin.
Contain email Authentication by mail with settings in the admin.
Revision 0.5.0 (2022-05-28)
About: The External Authentication plugin supports login based on the identity provided by the webserver (aka the Remote User), which is usually supplied via proxy servers or webserver modules (eg. "Basic Auth"). It differs from the Piwigo "apache_authentication" option by providing a greater degree of flexibility, including:
- Control over which variable(s) are used for authentication
- Piwigo login will always follow changes in (recognized) Remote Users
- Native Piwigo logins possible when the Remote User is considered a guest
- Option to copy webserver supplied passwords to Piwigo accounts
- External login/logout URLs replacing or co-existing with native ones
- Possibily to auto-register unknown Remote Users as new Piwigo users
- Control over auto-registration profiles, passwords, status and notifications
- Flexible list of Remote Users considered guests
This plugin is incompatible with the $conf['apache_authentication'] option, and will auto-disable if it's set.
Fallback Authentication is optional, and permits native Piwigo logins when the current Remote User is considered a guest. NOTE: If Remote User auto-registration is disabled, any Remote User unknown to Piwigo is considered a guest. If Fallback is disabled, Piwigo logins will always match the current Remote User.
The plugin makes every effort to prevent un-intentional account lockout, and is always disabled upon activation to permit configuration before login enforcement is enabled (which may immediately log the current session out!).
Debug logging can be enabled on the plugin's admin page, or by setting $conf['externalauth_debug'] = true
Changes: - Update templates to work correctly with Piwigo 11+.
- Added icons to settings.
Revision 1.1.1 (2022-01-31)
About: A small and lightweight Captcha solution to keep your installation free from bot spam comments and bot fake registrations.
It does not rely on any remote resources - like Recaptcha from Google or any others. This means you do not have to mention it in your GDPR compliance declaration. If Google enables Recaptcha V3 soon, Recaptcha will act like a tracker, since the advice is to implement it on every single page of your website. You will dislike Google for this, hopefully.
Installation is as easy as with any other plugin. Since this plugin does not use any database tables it does not matter which MySQL version you are using.
The Captcha works the classic way. There are some configuration options like colors, OCR confusion, dimensions and length of challenge. Just explore the possibilities in the plugin area of Piwigo admin.
Yes, it is the 5th or so Captcha solution, but all other solutions rely on remote resources or are not maintained anymore.
You can protect comments below pictures, comments below categories (plugin Comments on Albums), user registration, guestbook entries (plugin GuestBook) and the contact form (plugin Contact Form).
The plugin is based on work of mistic and Stefan Petre.
Would love to receive feedback.
Changes: adds slovenian language, provided by max-ima
Revision 2.8.1 (2022-01-10)
About: This plugin adds password policies.
**** Important: Some features have been migrated from the UserAdvManager plugin (version < 2.50.x ) . This plugin is therefore only compatible with the 2.51.x and upper UserAdvManager versions. ****
List of plugin features :
* Complexity of passwords chosen by users (or admin) when registering
If enabled, a password complexity score must be set. All passwords chosen not respecting this score will be rejected. The administration module of the plugin allows to test the complexity configuration.
* Renewal passwords policy
Enables the management tab in plugin administration panel to list registered user and allows to manually initiate a renewal of the password of one or more registered users.
At their next login , they will be automatically redirected to their profile page and prompted to change their password. And this, until the action is performed.
* Management of failed login attempts due to incorrect password
Allows to define a maximum number of login attempts with incorrect password. Beyond this limit, the user account is locked and can no longer connect to the gallery. He should contact the administrator to request the unlocking.
The administrator can then perform the unlocking in the users management tab of the plugin where a symbol will show locked accounts.
Changes: Compatibility with Piwigo 12
Revision 2.4.6 (2021-12-16)
About: 'Adult_content' helps to protect children. Mature pictures are filtered according to age. Three user groups are provided by the plugin: nothing, 16-17, 18+, allowing management of photo viewing by each group.
May be adapted for violent content.
Changes: Piwigo 12 compatibility (actually checked)