You can still use bcrpytjs on raspbian but you would need to lower the bcrpyt_rounds setting from the default 12.
Yeah, either lower the rounds, or if you don't mind compiling it (npm does it automatically), use bcrypt instead.
Not yet, but for now you can do this by hiding the routes for
POST /login and
/register, and also by removing the local login elements from the
login.tpl as well.
Perhaps we can add a toggle to remove local logins in the forum settings... @baris, what do you think?
It would be nice to have a toggle in the ACP but make sure you have a big warning next to it.
I think we can actually also use
plugins.getListeners to ensure that alternative login strategies exist, and hide the option accordingly
To disable the local login, must I remove the routes for /login und /register? What do you mean 'hiding' @julian ? Or just fork and modify the theme, e.g., remove login.tpl and link in the menu.tpl?
If so, which theme should I modify? Will the templates in the lavanda overwrite those of in the vanilla?
@kevinprotoss Lavender is a child theme of Vanilla, so if the template is present in lavender, it will overwrite vanilla. Likewise, if the template doesn't exist in Lavender, then Vanilla's
.tpl file is used.
@julian I see. That's what I mean. If I wanna completely disable the
/register route for NodeBB, must I modify the source code of NodeBB? Is there any other possibilities?
@julian Thanks your cue. You are absolutely right. If it's just a toggle, then it will be a dead lock. Is it possible to make it as a bootstrap config?
@julian Is it possible to just add a toggle in the plugin's admin page and works only for this plugin. If the oauth2 server is down, just remove the plugins temporarily. I have a doubt whether NodeBB has already a safe mode start, this means starting without all the plugins ?
So, I just spotted this option in the ACP.... Needless to say I've managed to lock myself out. Help? Anyway to turn it back on from Terminal? (Not on a live server, don't panic)
./nodebb reset settings