ToDo

• continue code review, increasing unit test coverage and bug squashing.
• include code from other plugins and eventually obsolete these:
  • FineGrainedPageAuthzEditorPlugin
  • HtGroupEditorPlugin
  • UserManagerPlugin
  • UserPicturesPlugin
  • UserStatsMacro

Manage Trac user accounts

Description

This plugin offers features for managing user accounts on Trac.

Key features:

• enable authentication through a number of built-in authentication resources and some more by third party extensions
• allow users to register new accounts
• login via an HTML form instead of using HTTP authentication
• allow existing users to change their passwords, even delete their accounts
• send a new password to users who have forgotten their password
• administration of user accounts
• login failure tracking and rule based account locking (temporary or permanent lock)
• per-account details admin page
• password hash refresh and store migration on user login
• i18n support (requires Trac 0.12 or later)
• account meta-data listing from Trac database table session_attribute, with cleanup option
• Single-Sign-On functionality for applications with multiple Trac environments per domain/host
• other account-/user-related wiki macros

Bugs/Feature Requests

Existing bugs and feature requests for AccountManagerPlugin are here.

If you have any issues, create a new ticket.

Read the recommendations on where to start. Please respect our rules for contributions, which are in effect for this plugin.

defect	419 / 439
enhancement	137 / 159
task	20 / 21

Downloads and Source

Development Version	Trac 1.2 and later	pip install svn+https://trac-hacks.org/svn/accountmanagerplugin/trunk	download from trac-hacks	Subversion
Stable Version	Trac 1.2 and later	pip install TracAccountManager	download from trac-hacks or ​PyPi	Subversion
Old Version	Trac 1.0	pip install TracAccountManager==0.5.0	download from trac-hacks or ​PyPi	Subversion
Old Version	Trac 0.12 and early	pip install TracAccountManager==0.4.4	download from trac-hacks or ​PyPi	Subversion

For Subversion checkout use svn co <url> with the appropriate address (URL) from the table above.

Source

You can check out AccountManagerPlugin from here using Subversion, or browse the source​ with Trac.

Installation

General instructions on installing Trac plugins can be found on the TracPlugins page.

Hint: Whether you are using tracd standalone server or a web-server, you must restart it to detect and load the plugin.

Upgrades from previous versions: Please see the README.update​ file included in the source.

To use the features of the AccountManager some or all of its components need to be enabled. The available components are mentioned here, but are described in greater details on separate pages linked below.

Component	Description/Purpose	Recommendation
AccountManager	This holds the core code of this plugin.	This component must be enabled to use any of the other components. See details.
AccountManagerAdminPanel1	This component adds new pages to the web admin section.	The admin part for managing related parts of Trac's configuration in trac.ini should be an important part of what you're expecting. See details.
AccountModule	Allows users to manage their account via tab "Account" in users "Preferences". They can change their password, or even delete their account, if permission granted by appropriate configuration.	The user accessible part, might be required or even forbidden depending on your use case. See details.
LoginModule	Allows users to login via a HTML form instead of using HTTP authentication.	Replace Trac's own login module for an alternative to Simple HTTP Authentication, but only one can be enabled at a time. See details.
AccountGuard	This component adds login failure tracking and administrative account locking.	Use it as part of your security policy to protect against brute-force attacks on user passwords. See details.
RegistrationModule	This adds a "Register" link on metanav, next to the Login link, where users can register a new account. The procedure of registration is configurable.	See details.
EmailVerificationModule	A new email address will trigger an email with a verification code to enter, to approve it is really users own email address, and user account privileges cut down until successful verification.	Implement a verification process for added or changed email addresses, if required. See details.

¹ Name in acct_mgr-0.3 was AccountManagerAdminPage. If you are upgrading to acct_mgr-0.4 from an earlier version, and this feature was enabled using acct_mgr.admin.AccountManagerAdminPages, this feature will now be disabled until it is enabled using acct_mgr.admin.AccountManagerAdminPanel.

The easiest way to learn about available components and enable them is via Trac's plugin admin page. Users logged in with the TRAC_ADMIN permission will be able to manage the enabled components:

Components can also be enabled or disabled in the ​trac.ini file under the [components] section.

Configuration

The configuration cookbook is the recommended place to look for examples of basic configurations and more.

To use the AccountManager plugin, while logged in as a user with TRAC_ADMIN rights, use the "Admin" link on the menubar.

You might want to change some permission assignments. For instance, if you remove TICKET_MODIFY and WIKI_MODIFY permission from the "anonymous" group and add it to the "authenticated" group instead, then only authenticated, logged-in (registered) users can perform ticket modifications and wiki editing.

TRAC_ADMIN is not strictly required for access to account administration pages provided by AccountManager. The ACCTMGR_* permissions are sufficient, and should even be preferred where appropriate, ie to limit delegation of administrative tasks to just account administration by granting ACCTMGR_USER_ADMIN.

About i18n/l10n support

Starting with acct_mgr-0.3 this plugin has been prepared for localization, and English message texts are the (POSIX) default. If English is not your preferred language, you can:

1. Check if it's already available from the Trac plugin l10n project at ​Transifex or
2. Do it yourself, see the ​l10n cookbook page for Trac plugins for more details.

Contributing your translation is highly appreciated. You could send it to the plugin's maintainer or contribute to Trac plugin l10n project via ​Transifex:

Top translations: Trac_Plugin-L10N » ​acct_mgr

Left: Status for acct_mgr-0.3.
Right: Near-sync to trunk.

Preparing the plugin from source requires no additional steps for compiling message catalog files. To include # fuzzy translations only, you'll want to do a manual message catalog compilation with the extra -f argument before packaging:

cd accountmanagerplugin/
python ./setup.py compile_catalog -f
python ./setup.py bdist_egg

On-screen messages about missing locale directory are often a side-effect of failure to compile any message catalog for inclusion into Python egg, hence the whole path is missing. Due to a known Trac issue, Babel has to be installed prior to Trac to get it all working as expected. See the ​l10n cookbook page for Trac plugins for more details.

Recent Changes

18669 by jun66j5 on 2024-11-02 10:44:22

TracAccountManager 0.6.1dev: fix AttributeError raised when session cookie is regenerated (closes #14361)

18668 by jun66j5 on 2024-11-01 03:38:40

TracAccountManager 0.6.1dev: fix verification token being a bytes instance (closes #14362)

18667 by jun66j5 on 2024-11-01 02:58:34

TracAccountManager 0.6.1dev: add Python 3.13 to tox.ini and make tests compatible with Python 3.13

(more)

Author/Contributors

Author: mgood
Maintainer: Ryan J Ollos
Contributors: coderanger, crocea, janakj, jun66j5, manski, mrelbe, otaku42, pacopablo, riggs, rjollos, s0undt3ch, lgaifax