= Account Manager Plugin = [[PageOutline(2-3)]] == Description == The AccountManager offers several features for managing user accounts: * allow users to register new accounts * login via an HTML form instead of using HTTP authentication * allow existing users to change their passwords or delete their accounts These features are new in the plugin for Trac 0.10. * send a new password to users who've forgotten their password * administration of user accounts == Bugs/Feature Requests == Existing bugs and feature requests for AccountManagerPlugin are [query:?status=new&status=assigned&status=reopened&group=&component=AccountManagerPlugin&order=priority here]. If you have any issues, create a [http://trac-hacks.org/newticket?component=AccountManagerPlugin&owner=mgood new ticket]. == Install == First make sure you've [trac:wiki:TracPlugins#Requirements installed setuptools]. Then you can install the plugin using the `easy_install` application. '''Note:''' Windows users will need to [http://peak.telecommunity.com/DevCenter/EasyInstall#windows-notes add easy_install to their PATH]. For Trac 0.9: {{{ easy_install http://trac-hacks.org/svn/accountmanagerplugin/0.9 }}} For Trac 0.10: Install the trac:WebAdmin plugin. Then install this plugin: {{{ easy_install http://trac-hacks.org/svn/accountmanagerplugin/0.10 }}} For Trac 0.11: (and check #899 patch) {{{ easy_install http://trac-hacks.org/svn/accountmanagerplugin/trunk }}} == Source == [source:/accountmanagerplugin Browse the source] Subversion Checkout: {{{ svn co http://trac-hacks.org/svn/accountmanagerplugin/0.9 }}} == Components == In order to use the features of the AccountManager you will need to enable some or all of its components. The easiest way to enable the components is via the trac:WebAdmin plugin. Users logged in with the TRAC_ADMIN permission will be able to manage the enabled components: [[Image(components-admin.png)]] Components can also be enabled or disabled in the [trac:TracIni trac.ini] file under the `[components]` section. For example to enable the login form and disable user registration: {{{ [components] trac.web.auth.LoginModule = disabled acct_mgr.web_ui.LoginModule = enabled acct_mgr.web_ui.RegistrationModule = disabled }}} The available components are described below. === !AccountManager === '''Package''':: acct_mgr.api This is the core of this plugin. This components ''must'' be enabled to use any of the other components. === !HtDigestStore === '''Package''':: acct_mgr.htfile Used to store passwords in the htdigest file format. To use this component to manage your password file you need to enable it as described above and add some additional configuration to [trac:TracIni trac.ini]: {{{ [components] ; be sure to enable the component acct_mgr.htfile.HtDigestStore = enabled [account-manager] ; configure the plugin to store passwords in the htdigest format: password_format = htdigest ; with Trac 0.10 use this instead: password_store = HtDigestStore ; the file where user accounts are stored ; the webserver will need write permissions to this file ; and its parent folder password_file = /var/trac/trac.htdigest ; the name of the authentication "realm" ; it can be any text to identify your site or project htdigest_realm = TracRealm }}} === !HtPasswdStore === '''Package''':: acct_mgr.htfile Used to store passwords in the htpasswd file format. To use this component to manage your password file you need to enable it as described above and add some additional configuration to [trac:TracIni trac.ini]: {{{ [components] ; be sure to enable the component acct_mgr.htfile.HtPasswdStore = enabled [account-manager] ; configure the plugin to store passwords in the htpasswd format: password_format = htpasswd ; with Trac 0.10 use this instead: password_store = HtPasswdStore ; the file where user accounts are stored ; the webserver will need write permissions to this file ; and its parent folder password_file = /var/trac/trac.htpasswd }}} === !HttpAuthStore === '''Package''':: acct_mgr.http Used to delegate authentication to the web server. This allows access to be restricted based on LDAP, a password file, etc, or some combination of them. Note: This password store does not support listing/adding/removing users or changing passwords. {{{ [components] ; be sure to enable the component acct_mgr.http.HttpAuthStore = enabled [account-manager] ; configure the plugin to use a page that is secured with http authentication authentication_url = http://hostname/path }}} This will generally be matched with an Apache config like: {{{ ...HTTP authentication configuration... Require valid-user }}} === !AccountManagerAdminPage === '''Package''':: acct_mgr.admin '''Note:''' This component requires Trac 0.10 This component adds a new page to the trac:WebAdmin section for managing user accounts. It requires the `TRAC_ADMIN` permission to access. {{{ [components] acct_mgr.admin.AccountManagerAdminPage = enabled }}} [[Image(account-manager-admin.png)]] === !AccountModule === '''Package''':: acct_mgr.web_ui Allows users to change their password, or delete their account. When logged in it will appear as a link "My Account" in the same row as the "Login" link. {{{ [components] acct_mgr.web_ui.AccountModule = enabled }}} [[Image(my-account.png)]] '''New for Trac 0.10:''' When used in combination with the [wiki:AccountManagerPlugin#LoginModule LoginModule] it adds a link to the login page "Forgot your password?" where users can reset their password if they've forgotten it. You will need to have your SMTP server information configured in your {{{trac.ini}}} for the "Forgot your password?" link to show up. [[Image(reset-password.png)]] === !LoginModule === '''Package''':: acct_mgr.web_ui '''Warning:''' this module is not supported using the [trac:TracStandalone tracd] stand-alone server on Trac 0.9. It either needs Trac 0.10, or an external webserver such as Apache. Allows users to login via a HTML form instead of using HTTP authentication. In order to use this plugin you will need to disable the default Trac login module: {{{ [components] trac.web.auth.LoginModule = disabled acct_mgr.web_ui.LoginModule = enabled }}} [[Image(login-form.png)]] ==== Disable HTTP authentication ==== When using the [trac:TracStandalone tracd] server be sure '''not''' to use the "`--auth`" or "`--basic-auth`" options. Using either of these options will cause tracd to popup the username/password dialog box and you will not be able to use the HTML form. If you have previously enabled authentication for Trac on Apache, you will need to disable it or Apache will popup the username/password dialog and you will be unable to use the HTML form. In order to disable the authentication look for a section in the Apache configuration file like like: {{{ # Some options like AuthType and AuthUserFile Require valid-user }}} Deleting or commenting the `Require valid-user` line should be sufficient to disable HTTP authentication. After you've tested it you can probably delete or comment out the rest of the authentication options. === !RegistrationModule === '''Package''':: acct_mgr.web_ui Enables users to register a new account. It adds a "Register" link on the same menu bar as the "Login" link. {{{ [components] acct_mgr.web_ui.RegistrationModule = enabled }}} [[Image(register.png)]] == Author/Contributors == '''Author:''' [wiki:mgood] [[BR]] '''Contributors:''' [[TagIt(plugin,mgood,alpha,0.9)]]