#287 closed enhancement (fixed)
allow users to register for an account
| Reported by: | Owned by: | Matthew Good | |
|---|---|---|---|
| Priority: | normal | Milestone: | 0.9 |
| Component: | general | Version: | 0.8.3 |
| Severity: | normal | Keywords: | On-Line Access Restrictions patch |
| Cc: | Branch: | ||
| Release Notes: | |||
| API Changes: | |||
| Internal Changes: | |||
Description (last modified by )
The idea is to limit the (write) accesses to registered user. And add a tool to allow the user to register himself. To limit 'fake' users the idea is to send a default password to the email address provided by the user.
With that only valid users can submit new ticket or write pages.
Attachments (2)
Change History (19)
comment:1 by , 20 years ago
| Keywords: | On-Line Access Restrictions added |
|---|---|
| Milestone: | → 0.8 |
| Priority: | normal → highest |
comment:2 by , 20 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
Sorry I meant #797
And if this was possible I couldn't accept the ticket as I will just for example purposes.
comment:3 by , 20 years ago
| Owner: | changed from to |
|---|---|
| Priority: | highest → normal |
| Status: | assigned → new |
Restore to previous state. Just because you can, doesn't mean you should.
comment:4 by , 20 years ago
Attached patch adds a free registration form for anonymous users. Authenticated users gets a "change password" and "delete account" form instead.
A new module, Registration, manage os.system('htpasswd …') calls to add or change an user entry. Delete was hand made, using fcntl [1] to lock the password file while rewriting it.
A new configuration section "registration" has three new parameters : htpasswd_bin (path to htpasswd), passwd_file (path to password file) and use_md5 (which turns on htpasswd's -m flag).
comment:5 by , 20 years ago
| Milestone: | 0.8 → 0.9 |
|---|---|
| Owner: | changed from to |
| Status: | new → assigned |
will look for it in the next version, should not be a stopper for the .8 release
comment:6 by , 19 years ago
| Description: | modified (diff) |
|---|---|
| Summary: | limit accesses → Limit write access to registered users |
Better summary.
comment:8 by , 19 years ago
I would like to see the ability to use htdigest and not just htpasswd here. Very glad to see this patch though!
comment:9 by , 19 years ago
| Owner: | changed from to |
|---|---|
| Status: | assigned → new |
For 0.9 this can be reimplemented using TracPluggableModules to provide this as an optional module.
comment:10 by , 19 years ago
I've attached a patch here to get some feedback on it before committing. It allows for registration, password changing, and account deletion with both htpasswd and htdigest. It also provides an interface that could be used to implement other password-storage mechanisms. Registration can be turned off independently of the other account management, so you could allow people to change their passwords on existing accounts, but not sign up for a new one.
This implements the htpasswd and htdigest management in Python, so it doesn't depend on an external utility. The htpasswd implementation requires a good random number generator, so it either requires a Unix-like OS (one that provides /dev/urandom), or Python 2.4 for Windows support.
Use one of the following TracIni snippets to enable the module:
htpasswd:
[account-management] module = trac.Account enabled = true registration_enabled = true password_format = htpasswd password_file = /path/to/trac.passwd
htdigest:
[account-management] module = trac.Account enabled = true registration_enabled = true password_format = htdigest password_file = /path/to/trac.digest htdigest_realm = trac
comment:11 by , 19 years ago
Will this patch/module force all my users to create an account themselves and to login prior to changing anything?
comment:12 by , 19 years ago
| Summary: | Limit write access to registered users → allow users to register for an account |
|---|
comment:13 by , 19 years ago
| Version: | 0.6.1 → 0.8.3 |
|---|
This is a great module. I'm adding some notes for those who wishing to use this module. Instructions are deliberatley verbose for users who might be new to trac and subversion
This module (register.diff) requires trac 0.9 to work at all. So, if you haven't already then you will need to download/check out the trac trunk.
Change to your subversion directory svn co http://svn.edgewall.com/repos/trac/trunk this will download the latest version of trac from the server
download the patch
wget http://projects.edgewall.com/trac/attachment/ticket/287/register.diff?format=raw
cd trunk patch -p0 < register.diff?format.raw
Install this version python setup.py install
Upgrade your settings
trac-admin /var/trac/project upgrade
Resync
trac-admin /var/trav/project resync
Edit trac.ini as detailed above.
When you load your trac.cgi you should check the footer to see that you have indeed installed a new version and you should see the new menu items: "Register" if you are not logged it or "My account" if you are.
comment:14 by , 19 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
I've repackaged the registration module written for 0.9 based on the new plugin support and have uploaded it here: http://trac-hacks.swapoff.org/wiki/AccountManagerPlugin
I'm planning to maintain the registration module on that site as an external plugin.
You will need to update to the Trac trunk [2009] or higher to use the new plugin until 0.9 is released. See the README file included in the source for instructions on installing the plugin.
comment:15 by , 19 years ago
| Resolution: | fixed |
|---|---|
| Status: | closed → reopened |
Have written an extension to Matt's module to allow users to be stored within the database. Works fine with my extension to the authentication module written by Rede and is based on my own RelationalRoleSupport http://trac-hacks.swapoff.org/wiki/RelationalRoleSupportPatch. Have sent the extension to Matt to be included in Account Manager.
The encryption is compatible with Bugzilla for those wishing to migrate. Patch for bugzilla2trac.py is also available.
What is missing from the module is the ability to customise the redirect so that users can be logged on automatically or redirected to a particular page. Anyone interested in extensive user details might want to look at XUF for Zope http://sourceforge.net/projects/exuserfolder/ which provides support for custom parameters and would probably be easily customisable for Trac.
comment:16 by , 19 years ago
| Resolution: | → fixed |
|---|---|
| Status: | reopened → closed |
comment:17 by , 18 years ago
enhanced the Account Manager with a new permission ACCOUNT_MANAGER_REGISTER so a user with that permisson can create new users (you can set it also on anonymous)
Also needed is a "registration_enabled=true" in the trac.ini
I dunno this, and also take a look at ticket #796