From b03519af421d8895431ca68397265589a4d6fe36 Mon Sep 17 00:00:00 2001 From: alf Date: Sun, 9 Jan 2022 15:55:32 +0300 Subject: [PATCH] edit config.dist --- README.md | 26 ++++++++++++++++---------- config.inc.php.dist | 31 +++++++++++++++++++------------ 2 files changed, 35 insertions(+), 22 deletions(-) diff --git a/README.md b/README.md index cc1d340..c3af572 100644 --- a/README.md +++ b/README.md @@ -1,16 +1,22 @@ #### Password Recovery Plugin for Roundcube -Plugin that adds functionality so that a user can -create a new password if the original is lost. + Plugin that adds functionality so that a user can + create a new password if the original is lost. -To restore the password, the user is asked a secret question, -and/or a confirmation code is sent to an additional email address -and SMS to the phone. + To restore the password, the user is asked a secret question, + and/or a confirmation code is sent to an additional email address + and SMS to the phone. -It is recommended that you use the "SMSTools" package to send SMS. + It is recommended that you use the "SMSTools" package to send SMS. -When checking and saving a new password, -the password is encrypted using the MD5-Crypt method. -The password is written directly to the Postfix database (mailbox table). + When checking and saving a new password, + the password is encrypted using the MD5-Crypt method. + The password is written directly to the Postfix database (mailbox table). + + The Password plugin can also be used when configured accordingly. + + +# Install + 1. Place this plugin folder into plugins directory of Roundcube + 2. Add 'password_recovery' to $config['plugins'] in your Roundcube config -The Password plugin can also be used when configured accordingly. diff --git a/config.inc.php.dist b/config.inc.php.dist index c981f7b..dec8fe4 100644 --- a/config.inc.php.dist +++ b/config.inc.php.dist @@ -4,14 +4,9 @@ $config['pr_db_dsn'] = 'mysql://_USER_:_PASSWORD_@localhost/postfix'; $config['pr_users_table'] = 'mailbox'; -// Array with names for ext_fields in 'pr_users_table' -// When using the postfix database mailbox table, you must add two fields to this table: 'question' and 'answer' -// -// Execute this query in the postfix database: -// -// ALTER TABLE mailbox ADD question VARCHAR(255) CHARACTER SET utf8 NOT NULL AFTER email_other; -// ALTER TABLE mailbox ADD answer VARCHAR(255) CHARACTER SET utf8 NOT NULL AFTER question; -// +// Array with names for ext_fields in 'pr_users_table': [name_for_plugin => name_in_db] +// When using the postfix database 'mailbox' table, you must add two columns to this table: 'question' and 'answer' +// If the plugin does not find the columns it needs in the database, they will be created automatically $config['pr_fields'] = [ 'altemail' => 'email_other', 'phone' => 'phone', @@ -23,14 +18,11 @@ $config['pr_fields'] = [ $config['pr_admin_email'] = 'postmaster@your.domain.com'; // Use secret question/answer to confirmation password recovery -$config['pr_use_question'] = false; +$config['pr_use_question'] = true; // Use message with code to confirmation password recovery $config['pr_use_confirm_code'] = true; -// Minimum length of new password -$config['pr_password_minimum_length'] = 8; - // Confirmation code length $config['pr_confirm_code_length'] = 6; @@ -40,6 +32,19 @@ $config['pr_confirm_code_count_max'] = 3; // Confirmation code duration (in minutes) $config['pr_confirm_code_validity_time'] = 30; +// Use the Password plugin to save a new password +$config['pr_use_password_plugin'] = true; + +// Minimum length of new password +// !!! Note: needed if not used Password plugin) +$config['pr_password_minimum_length'] = 8; + +// Require the new password to have at least the specified strength score. +// Password strength is scored from 1 (weak) to 5 (strong). +// !!! Note: needed if not used Password plugin) +$config['pr_password_minimum_score'] = 1; + + // SMTP settings // $config['pr_default_smtp_server'] = 'tls://your.domain.com'; // $config['pr_default_smtp_user'] = 'no-reply@your.domain.com'; @@ -48,6 +53,7 @@ $config['pr_default_smtp_server'] = 'localhost'; $config['pr_default_smtp_user'] = ''; $config['pr_default_smtp_pass'] = ''; + // Full path to SMS send function // This function must accept 2 parameters: phone number and message, // and return true on success or false on failure @@ -56,6 +62,7 @@ $config['pr_default_smtp_pass'] = ''; // $config['pr_sms_send_function'] = dirname(__FILE__) . '/bin/sendsms.sh'; + // Enables logging of password changes into /logs/password.log $config['pr_password_log'] = true;