This plugin introduces a configurable user registration process for DMX User Accounts. The plugin can be configured so users need to opt-in, utilizing confirmation emails (active for 60mins).
Most (if not all) user facing message are translatable by now. A german language version of this bundle can be build from source after setting the language option to de
using the plugin.properties
file.
This plugin adds:
- A "User Mailbox" association type to associate "Email Address" w. "User Accounts".
- A
Sign-up
-link next to theLogin
-button in the DMX Webclient - A
Sign-up Configuration
topic associated to theDMX Sign up
Plugin topic (part of the "System" workspace and thus editable by all members of it) - A
Forgot password?
link to theLogin
-dialog in the DMX Webclient
The special features of the self-registration ui is comprised of:
- Username existence check
- Email existence check
- Simple GUI-Notification mechanism
- Minimal CSS Definition
- Administration workspace members can create accounts without email confirmation
The special features of the login ui is comprised of:
- Simple GUI-Notification mechanism
- Automatic redirect
- Minimal CSS Definition
The special logic of this plugin is comprised of:
- Optionally: Setup an email based confirmation workflow for new accounts
Sends confirmation mail with token to the users registering Email address
Allows for the password reset functionality to take place also via an Email based confirmation workflow - Optionally: Send notifications to system administrator if a new user account was created
- Optionally: If
dmx.security.new_accounts_are_enabled
(platform configuration option) is set totrue
an account activation notice is sent - Optionally: If a
User Mailbox
exists a "Passwort reset"-workflow is available - Optionally: A workspace URI can be specified whose members have the right to create new users.
- Optionally: User accounts can be created through the LDAP plugin.
Note: If Email Confirmation Required
is set to true the confirmation tokens the system sends out are not persisted and get lost after a bundle/system restart. Once a token was send out the link containing it is valid for sixty minutes.
Email address topics of new user accounts are all placed in the "Administration" workspace too.
DMX 5.3: DMX is a platform for collaboration and knowledge management. https://github.com/dmx-systems/dmx-platform
To be able to install this module you first and additionally have to install the following DMX Plugins.
dmx-thymeleaf-0.9.3+
-Bundle - Build from sourcesdmx-sendmail-2.1.0+
-Bundle - Build from sourcesdmx-ldap-0.6.2-SNAPSHOT
+`-Bundle - Build from sources
You can find the respective plugin version and its dependencies for download at https://download.dmx.systems/plugins/.
Operations: For the plugins mailbox validation process to run you must install these plugins with DMX on a web server with a
postfix
-> Internet Site
like mail send functionality.
After downloading all bundle-files, place them in the bundle-deploy
folder of your DMX installation and restart DMX.
Since the 2.0.0 release, the following options must be configured in either the dmx-platform's config.properties
(binary release) or pom.xml
(if you run the platform from sources) file.
dmx.signup.confirm_email_address = true
dmx.signup.admin_mailbox = [email protected]
dmx.signup.system_mailbox = [email protected]
dmx.signup.account_creation = admin
dmx.signup.account_creation_password_handling = generated
dmx.signup.account_creation_auth_ws_uri =
dmx.signup.ldap_account_creation = false
dmx.signup.token_expiration_time = 2
Legacy wise, the rest of the plugin options are stored in DB. The central topic for configuring the sign-up plugin is of type Sign-up Configuration
. Editing this topic via the DMX Webclient allows you to interactively configure the appearance of the custom login and self-registration dialogs.
The sign-up configuration is associated with the "Plugin" topic representing this plugin ("DMX Sign up"). It can be revealed by all members of the Administration
workspace.
Note: If you want to use the "Password reset" functionality without allowing users to self-register you must make sure "User Account" topics are equipped with a "User Mailbox". To set this up, see instructions here: https://git.dmx.systems/dmx-plugins/dmx-sign-up/-/issues/2
The sign-up can work in three different modes:
Value | Description |
---|---|
disabled | nobody can create new accounts |
admin | only administrator (privileged users) can create new accounts |
public | anybody can create new accounts through self-registration in addition to the administrators |
The desired working mode is configured by setting the property:
dmx.signup.account_creation = disabled | admin | public
The default value is "disabled" and also goes into effect when the value has been misspelled.
If you only want to use the password-reset functionality and/or equip existing user accounts with an email address topic, please read the following hints: https://git.dmx.systems/dmx-plugins/dmx-sign-up/-/issues/2#note_17729
If you don't want to allow users to self-register accounts but want to make use of the sign-up plugin features, you find more hints here. Basically you need to log in as "admin" ("or Administration workspace member) first and then browse (manually) to /sign-up
and use the form to create new accounts.
In order for an already logged in user have the permission to create a new user the former user either needs to be a member of the administration workspace or be a member of the workspace specified through the "dmx.signup.account_creation_auth_ws_uri" configuration option. Not setting this value means that only the administration workspace membership check is in place.
The plugin can be configured so that during sign-up one can enter the password to be used for the account or the password is generated and users are required to do an initial password reset in order to set the password to a value of their liking.
The behavior is configured through the option:
dmx.signup.account_creation_password_handling = editable | generated
The validity of the tokens used for account creation and password reset in hours is set through the property:
dmx.signup.token_expiration_time = 2
The default value is 2, so a user has two hours from the moment of creating the account/requesting the password reset to click on the link that is contained in the account creation/password reset request email.
The module configuration is done through a configuration topic in DMX itself. However during the first deployment default values for the topic can be provided through the platform configuration through the following properties:
dmx.signup.config_project_title =
dmx.signup.config_webapp_title =
dmx.signup.config_webapp_logo_path =
dmx.signup.config_custom_css_path =
dmx.signup.config_read_more_url =
dmx.signup.config_pages_footer =
dmx.signup.config_tos_label =
dmx.signup.config_tos_detail =
dmx.signup.config_pd_label =
dmx.signup.config_pd_detail =
dmx.signup.start_page_url =
dmx.signup.home_page_url =
dmx.signup.loading_app_hint =
dmx.signup.logging_out_hint =
dmx.signup.config_api_enabled = false
dmx.signup.config_api_description =
dmx.signup.config_api_details =
dmx.signup.config_api_workspace_uri =
In case a value is not provided in the platform configuration a built-in default value is used.
There is currently just one more special configuration option: You can setup an automatic workspace assignment for self-registering users. If you do so, new users using the sign-up dialog automatically join (become members of) that works. To do so you need to associate that very workspace topic with your active sign-up configuration.
And here comes the pitfall: To take this "custom workspace assignment" into effect you must press "Edit" and "Save" on your current sign-up configuration topic once (or restart the platform). Only in these two cases the sign-up configuration is reloaded and comes into effect, see #1).
You'll notice something similar to the following two lines in your server-side log (when editing and Saving your sign-up configuration):
Jan 15, 2021 01:28:37 AM systems.dmx.signup.SignupPlugin reloadAssociatedSignupConfiguration
INFORMATION: Configured Custom Sign-up Workspace => "DMX"
Jan 15, 2021 01:28:37 AM systems.dmx.signup.SignupPlugin reloadAssociatedSignupConfiguration
INFORMATION: Sign-up Configuration Loaded (URI="dmx.signup.default_configuration"), Name="My DMX"
The plugin can be configured to use the dmx-ldap plugin for account creation. When enabled the username and password are stored in LDAP instead of DMX itself. The option is disabled by default and is switched on by setting the property:
dmx.signup.ldap_account_creation = true
Keep in mind that the dmx-ldap plugin also has a configuration option that controls account creation functionality. This must be enabled as well. Refer to the plugins README for more information on its configuration.
The plugin allows restricting the allowed authorization methods by setting the property:
dmx.signup.dmx.signup.restrict_auth_methods = LDAP, BASIC
The value is a comma-separated list of auth method values. Please note that the order of the restriction list is preserved in the web frontend. As such the property can also be used to enforce a certain auth method order.
When the property is not set, all known auth methods are allowed and their order is defined by the platform.
DMX Sign-up is available freely under the GNU Affero General Public License, version 3 or later (see License).
2.1.1 -- TBD
2.1.0 -- Jul, 14, 2023
- Compatible with DMX 5.3
- Account creation through LDAP plugin
- True optional dependency on
dmx-ldap-0.6.2+
plugin - Configure workspace whose users can create new users
- Configure module configuration through property configuration
- Validity of account creation and password reset token configurable
2.0.1 -- Jun 30, 2021
- Compatible with DMX 5.2
- Migrates existing 'User Mailbox' edges into new platform association type
- Log config settings on bundle activation
2.0.0 -- Jan 15, 2021
- Compatible with DMX 5.1
- Adapted dialog styles to resemble DMX 5.1 styling
- Password reset-workflow available without sign-up enabled
- Four core configuration options externalized into
config.properties
- New configuration option to de-activate sign-up (e.g. to only use password-reset functionality)
- Rewritten plugins webclient integration for DMX 5.1
- Mailservices factored-out into dmx-sendmail plugin
- Adapted License to AGPL 3.0
- Adapted all type URIs to new namespace
1.6.0 -- Mar 31, 2018
- Minor refactoring of the service API
- Added Javadocs to the main service calls
- Couple of bug fixes:
Make confirmation link name configurable
JS compatibility for IE10+ - Compatible with DeepaMehta 4.9
1.5.2 -- Feb 12, 2017
- Allows members of the Administration workspace to create accounts w/out confirmation mails (even if email based confirmation workflow is ON)
- Acccount creation does not fail because confirmation workflow active but SMTP unavailable
- Improved logging if confirmation workflow active but SMTP unavailable
- Fixes missing stylesheet on confirmation failure page (e.g. when link expired)
- Clarified resource bundle loading & slightly extended translations
1.5.1 -- Nov 14, 2016
- Fixes critical error (typo introduced during translations) in password-reset template
- Extends translatable hints for sign-up and login dialog, added german languaged messages
- Fixes some typos in user dialogs and the header style on the account-edit template
- New "API Usage" option now translatable and basically working (see "/sign-up/edit")
- Adds migration to move the "API Membership Request" topic into "System" workspace
- Some general (but minor) improvements
1.5 -- Aug 05, 2016
- Translatable (HTML dialogs and Emails) using Javas ResourceBundles mechanism (almost complete)
- Introduced a new plugin.property
org.deepamehta.sign-up.language=en
with support for
building this plugin inde
andfr
language (additionally to the defaulten
) - Added "German" translation to the most important user facing dialogs
- Including (empty by default) navigation HTML fragment which other plugins can override (and thus use to inject their own navigation HTML fragment into the sign-up templates)
- Requires the upcoming dm4-thymeleaf version 0.6.1
- Fixes sign-up form for users of MSIE
- Compatible with DeepaMehta 4.8.1
1.4 -- Jul 11, 2016
New features and changes:
- Extended dialogs to manage passwort reset and login
- Introduces password reset functionality via Email
- Added migration moved config topic to 'Administration'
- Configuration can thus only be loaded during 'init' hook or by 'admin'
- Compatible with DeepaMehta 4.8
Additional Changes:
- New Configuration options in particular as required by dm4-kiezatlas-website:
Displaying Logout functionality if the user is currently logged-in and visits the login page
Added two custom workspace membership features: 1) is set up via a simple Association between the Workspace and the Sign-up Configuraton topic and the other 2) is modelled as a Note relating requests for an additional workspace membership (which works for private or confidential workspaces)
A new route/sign-up/edit
view allowing to manage this custom workspace feature
Added options to have redirects after login/logout configurable - Signed up mailboxes are for now stored in admins Private Workspace workspace
- Providing a OSGi mail notification service for other plugins to send mails to the mailbox configured in System Recipient Mailbox
Fixes:
- Bug in client side form validation leading to a possible registration when the username is already taken
1.1 -- Nov 23, 2015
- "Email Confirmation Required" is now a new configuration option:
If.. Required
, confirmation mails are send out including a token
(valid for 60mins) and a link to proceed with the sign-up process
Note: This option requires a 'postfix' -> 'Internet Site' like web server setup - Further, if an "Admin Mailbox" is set, notifications on each account creation are sent to admin
- Updated sources to be compatible with DeepaMehta 4.7
- Updated dependency to bundle dm47-webactivator-0.4.6
- Included a few webpages which inform the user about the sign-up process
- If
new_accounts_are_enabled
is set to false, a notification is sent to the user when her account isEnabled
by an administrator
Note: This plugin is not compatible with previous installations of the dm4-sign-up module.
1.0.0 -- Dec 25, 2014
- configurable by end-users
- compatible with 4.4
- feature complete
Copyright (c) 2014-2019 Malte Reißig Copyright (c) 2020-2022 DMX Systems