b882c304b1
Admin login & user management (novaconium/ISSUES.md): session-based
login against a SQLite users table replaces the single-user HTTP Basic
Auth stopgap (admin_username/admin_password_hash and /admin/password-hash
are gone; one admin_auth_enabled flag, off by default with zero DB
footprint). New /admin/login, /admin/logout (POST-only, real page), and
/admin/users pages plus bin/create-admin-user.php.
First user created is the admin; everyone after is registered with a
unique normalized email and an optional group. /admin/* and drafts are
admin-only; Lib\Access gates page content from sidecars
(Access::require('group:members')) with login-redirect/404 responses —
public by default, static pages always public by construction. User
management covers disable/enable, delete, promote/demote, group, email,
and password, with last-active-admin lockout guards.
Also: Session::regenerate() against fixation, friendly missing-PDO-driver
errors in Lib\Db, docs at /admin/docs/access-control and updates across
admin-auth/drafts/sidecars/config/libraries and README/AGENTS.md.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
55 lines
2.3 KiB
PHP
55 lines
2.3 KiB
PHP
<?php
|
|
|
|
// Override any subset of novaconium/config.php's defaults here — only list
|
|
// the keys you want to change. novaconium/bootstrap.php (and
|
|
// novaconium/bin/clear-cache.php) shallow-merge this over the framework
|
|
// defaults; see /admin/docs/config. Uncomment and adjust any of the
|
|
// examples below, or leave this file returning an empty array to keep
|
|
// every framework default as-is.
|
|
return [
|
|
// 'debug' => false,
|
|
|
|
// 'site_name' => 'My Site',
|
|
|
|
// Docs: /admin/docs/matomo
|
|
// 'matomo_url' => 'https://matomo.example.com/',
|
|
// 'matomo_site_id' => '1',
|
|
|
|
// Docs: /admin/docs/admin-auth — session login for /admin/* against
|
|
// the SQLite-backed users table. After enabling, create the first user
|
|
// at /admin/users, or beforehand (safer) with:
|
|
// php novaconium/bin/create-admin-user.php <username>
|
|
// 'admin_auth_enabled' => true,
|
|
|
|
// Docs: /admin/docs/database — adds (or overrides) named Lib\Db
|
|
// connections. This merges into db_connections by name rather than
|
|
// replacing the whole map, so adding 'legacy' here doesn't require
|
|
// repeating 'default' — see Lib\Db::config().
|
|
// 'db_connections' => [
|
|
// 'legacy' => [
|
|
// 'driver' => 'mysql',
|
|
// 'host' => 'localhost',
|
|
// 'port' => 3306,
|
|
// 'database' => 'legacy_app',
|
|
// 'username' => 'root',
|
|
// 'password' => '...',
|
|
// 'charset' => 'utf8mb4', // optional, defaults to utf8mb4
|
|
// 'migrations_dir' => __DIR__ . '/migrations/legacy', // optional
|
|
// ],
|
|
// ],
|
|
|
|
// Docs: /admin/docs/drafts — requires admin_auth_enabled above (and at
|
|
// least one user) to actually gate anything; open access otherwise,
|
|
// same as the rest of /admin/*.
|
|
// 'draft_routes' => ['blog/upcoming-post'],
|
|
|
|
// Docs: /admin/docs/content-index — powers /sitemap.xml, /search, and
|
|
// blog tag browsing. Off by default (depends on SQLite); enable with:
|
|
// 'content_index_enabled' => true,
|
|
//
|
|
// Or enable but skip the automatic lazy reindex, relying only on
|
|
// `php novaconium/bin/index-content.php` (e.g. from a deploy step):
|
|
// 'content_index_enabled' => true,
|
|
// 'content_index_auto' => false,
|
|
];
|