It uses custom views generated by rodauth-rails. It also includes example
system tests for all authentication features.
Admin account
The app has an additional /admin section that can be accessed by a separate
admin account type. Authentication for admin accounts is defined in
RodauthAdmin, which inherits shared configuration from RodauthBase, and
adds additional behaviour:
setting up MFA is required
account is locked on 4th invalid login attempt
password complexity requirements
disallow common or breached passwords
account creation from the console (disabled in UI)
closed accounts are deleted from the database
Login for the admin and main account types is separated, and account records are
differentiated by the accounts.type column.
JSON API
The JWT feature is enabled, providing JSON API access to Rodauth endpoints
using JWT.
Here is an example JSON request for account creation, which includes the email
and the custom name parameter:
200 OK
Content-Type: application/json
Authorization: eyJhbGciOiJIUzI1NiJ9.eyJhY2NvdW50X2lkIjo2NywidW52Z...
{ "success": "An email has recently been sent to you with a link to verify your account" }
Here is an example JSON request for account verification, which includes the
token from the verification email link and the password for the account:
POST /verify-account
Content-Type: application/json
{ "key": "81_nG-P3iYpWc3Y4-A74J821ssYHctlOhChUCPfsDh96Q4" }
200 OK
Content-Type: application/json
Authorization: eyJhbGciOiJIUzI1NiJ9.eyJhY2NvdW50X2lkIjo4MiwiYXV0a...
{ "success": "Your account has been verified" }
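The first segment of the Authorization values above, eyJhbGciOiJIUzI1NiJ9, is base64url for {"alg":"HS256"}: the token is signed with an HMAC, not encrypted, so its payload is readable by anyone who holds it. The following is an added example, not code from this app or from Rodauth, showing what verifying such a token involves using only the Ruby standard library; the secret, the payload and all helper names are constructed for illustration.

```ruby
require "openssl"
require "json"

# Constructed demo secret (assumption); the app's real signing secret is not on this page.
DEMO_SECRET = "constructed-demo-secret"

def b64url_encode(data)
  [data].pack("m0").tr("+/", "-_").delete("=")
end

# Strict decode: restores the stripped padding and raises ArgumentError on invalid input.
def b64url_decode(str)
  padded = str.tr("-_", "+/") + "=" * ((4 - str.length % 4) % 4)
  padded.unpack1("m0")
end

# Length check plus XOR accumulation, so the comparison does not stop at the first mismatch.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Builds an HS256 token with the same header segment as the tokens shown above.
def sign_hs256(payload, secret)
  input = "#{b64url_encode(JSON.generate({ "alg" => "HS256" }))}.#{b64url_encode(JSON.generate(payload))}"
  "#{input}.#{b64url_encode(OpenSSL::HMAC.digest("SHA256", secret, input))}"
end

# Returns the payload Hash for a valid HS256 token, or nil for anything else.
def verify_hs256(token, secret)
  parts = token.to_s.split(".", -1)
  return nil unless parts.length == 3 && parts.none?(&:empty?)
  header = JSON.parse(b64url_decode(parts[0]))
  # Pin the algorithm on the server side; the token must not get to choose it.
  return nil unless header.is_a?(Hash) && header["alg"] == "HS256"
  expected = OpenSSL::HMAC.digest("SHA256", secret, "#{parts[0]}.#{parts[1]}")
  return nil unless secure_equal?(b64url_decode(parts[2]), expected)
  JSON.parse(b64url_decode(parts[1]))
rescue JSON::ParserError, ArgumentError
  nil
end

if __FILE__ == $PROGRAM_NAME
  token = sign_hs256({ "account_id" => 67 }, DEMO_SECRET) # constructed payload
  p verify_hs256(token, DEMO_SECRET)
  p verify_hs256(token, "some-other-secret")
end
```

Because the payload is only encoded, anything placed in it should be treated as visible to the client and to any intermediary that logs headers.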
About
Example Rails app that uses Rodauth for authentication