Abiquo Documentation Cookies Policy

Our Documentation website uses cookies to improve your experience. Please visit our Cookie Policy page for more information about cookies and how we use them.

Documentation

Skip to end of metadata
Go to start of metadata

In Abiquo 3.2 you can enforce your password best practice to improve user password security and usability. And you can allow users to reset their passwords.

The password options can:

  • Prevent users from changing between a set of common passwords
  • Ensure that users change their passwords periodically
  • Prevent users from quickly reverting to an old password
  • Require a minimum password length
  • Require complex passwords that do not contain the users name and include at least three of the following five categories: uppercase letters, lowercase letters, digits, non-alphanumeric characters and other unicode characters.
  • Deter multiple attempts to break into a user account
  • Allow users to reset their passwords and provide the URI for password reset.

Configure Passwords

Configure ReCaptcha

You can enable ReCaptcha for Abiquo. You will need to request keys from this link: https://www.google.com/recaptcha/admin#createsite

Set the public key in the Abiquo UI, in the client-config.json file:

"client.captcha.publickey" : ""

Set the private key in abiquo.properties :

abiquo.captcha.private.key=

Without a valid public key, ReCaptcha will not be shown and verified.

Configure Reset Password Email and URI

The email with instructions for users to reset their password is fully configurable.

Set email template

Set the email template and properties path in abiquo.properties. The default value is

abiquo.mail.path=/opt/abiquo/config/mail

Create the text for the reset password email. 

The default file name is:

resetPassword.properties

The default text is:

subject= Reset Your Abiquo Password 
intro=Hi, <br> <br> We've received a request to reset the password associated with:
body=Please use the following link:
footer=If you did not request the password reset, please ignore this email. <br> <br> Thank you, <br> The Abiquo Team
Email language support

The platform assigns the language of the UI during user creation as the user's language.

The platform searches for an email text in the user's language. 

The file name should follow the language file naming conventions.

For example, for a user with Spanish - Spain as their default language, the UI would look for the following file:

resetPassword_es_ES.properties
Customize the HTML for the email

The HTML template uses mustache to insert values from the platform.

The template file name is:

resetPasswordTemplate.mustache

The default template is:

 

<html>
 <body>
   <p>{{{intro}}}</p>
   <p>{{username}}</p>  
   <p>{{{body}}}</p>
   <p>{{link}}</p>
   <p>{{{footer}}}</p>
</body>
</html>

Note that in the template properties, you cannot set the username and link. Any values you set here will be overwritten by the platform.

In mustache templates, all variables are HTML escaped by default. If you want to return unescaped HTML, use the triple mustache.

Example

You could add the following warning message after the link

<p>{{{warning}}}</p>

Add this variable to the password properties

 

warning=<strong>Please contact your System Administrator after you reset your password</strong>

 

Password reset UI

UI Configuration

Set up passwords in Configuration view on the Password page: 

Click Edit to see more information about the range of values and the default. 

For full documentation see Configuration View#Password

Create a User

When you create a user, you can select an option to ensure they reset their password on login.

Locked Users

A user that is locked out for too many failed login attempts is marked as Suspended in Users view in both the list view and the card view.

The administrator can manually activate the account or the user can wait for the lockout period to end. 

 

API

See API Changelog v3.2

Password Events

The Abiquo events related to passwords can be found in the  Users section of the Events table.

  • No labels