We need to decide on how strict we want to be by default. I've set up the rules to match
Username: currently requires a valid email address (i.e. no admin)
Password: same to legacy (possibly too lenient)
The migration process imports the old passwords as-is, but any new passwords/password changes will have to conform to the new rules. The localauth config offers the following (defaults in brackets):
[ ] Add documentation listing changes & ways to override
Directories
All dirs have been set up to be relative to data and temp, which are currently situated inside the src root, but we may want to change this (possbily outside of the src, see https://github.com/adapt-security/adapt-authoring/issues/500, or maybe in a single folder in the src? i.e. APP_DATA/data, APP_DATA/temp).
Auth
We need to decide on how strict we want to be by default. I've set up the rules to match
admin
)The migration process imports the old passwords as-is, but any new passwords/password changes will have to conform to the new rules. The localauth config offers the following (defaults in brackets):
minPasswordLength
:8
passwordMustHaveNumber
:false
passwordMustHaveUppercase
:false
passwordMustHaveLowercase
:false
passwordMustHaveSpecial
:false
(i.e. special/symbol chars:#?!@$%^&*-
)TODO
Directories
All dirs have been set up to be relative to
data
andtemp
, which are currently situated inside the src root, but we may want to change this (possbily outside of the src, see https://github.com/adapt-security/adapt-authoring/issues/500, or maybe in a single folder in the src? i.e.APP_DATA/data
,APP_DATA/temp
).We only need to change the following:
dataDir
tempDir