mirror of
https://github.com/lobehub/lobehub
synced 2026-04-21 17:47:27 +00:00
112 lines
3.3 KiB
Text
112 lines
3.3 KiB
Text
---
|
|
title: Configuring Email/Password Authentication for LobeHub
|
|
description: >-
|
|
Learn how to configure email and password authentication for LobeHub,
|
|
including enabling/disabling options and SSO-only mode.
|
|
tags:
|
|
- Email
|
|
- Password
|
|
- Authentication
|
|
- LobeHub
|
|
---
|
|
|
|
# Configuring Email/Password Authentication
|
|
|
|
LobeHub supports traditional email and password authentication out of the box.
|
|
This guide covers the available configuration options.
|
|
|
|
## Default Behavior
|
|
|
|
By default, email/password authentication is enabled.
|
|
Users can register with their email address and set a password.
|
|
|
|
## Configuration Options
|
|
|
|
### Disable Email/Password Authentication (SSO-Only Mode)
|
|
|
|
If you want to force users to authenticate via SSO providers only,
|
|
set the following environment variable:
|
|
|
|
| Environment Variable | Type | Description |
|
|
| ----------------------------- | -------- | ------------------------------------------ |
|
|
| `AUTH_DISABLE_EMAIL_PASSWORD` | Optional | Set to `1` to disable email/password login |
|
|
|
|
When enabled:
|
|
|
|
- The email input field is hidden on the login page
|
|
- Only SSO provider buttons are displayed
|
|
- The signup page redirects to the login page
|
|
- Users must authenticate through configured SSO providers
|
|
|
|
<Callout type={'warning'}>
|
|
Before enabling SSO-only mode, ensure you have configured at least one SSO
|
|
provider via `AUTH_SSO_PROVIDERS`. Otherwise, users will have no way to log
|
|
in.
|
|
</Callout>
|
|
|
|
### Enable Email Verification
|
|
|
|
To require users to verify their email address before signing in:
|
|
|
|
| Environment Variable | Type | Description |
|
|
| ------------------------- | -------- | ---------------------------------------- |
|
|
| `AUTH_EMAIL_VERIFICATION` | Optional | Set to `1` to require email verification |
|
|
|
|
This requires configuring an email service (SMTP).
|
|
See [Email Service Configuration](/docs/self-hosting/auth/email) for details.
|
|
|
|
### Enable Magic Link Login
|
|
|
|
To allow passwordless login via email magic links:
|
|
|
|
| Environment Variable | Type | Description |
|
|
| ------------------------ | -------- | ------------------------------------- |
|
|
| `AUTH_ENABLE_MAGIC_LINK` | Optional | Set to `1` to enable magic link login |
|
|
|
|
This also requires configuring an email service (SMTP).
|
|
|
|
## Change Password
|
|
|
|
Users can change their password in two ways:
|
|
|
|
1. **Profile Settings**: Go to Settings > Profile to change password
|
|
2. **Forgot Password**: On the login page, enter email, proceed to the password step, then click "Forgot Password" below the password input
|
|
|
|
<Callout type={'info'}>
|
|
Both methods require email service (SMTP) to be configured for sending
|
|
password reset emails.
|
|
</Callout>
|
|
|
|
## Example Configurations
|
|
|
|
### SSO-Only (Disable Email/Password)
|
|
|
|
```bash
|
|
AUTH_DISABLE_EMAIL_PASSWORD=1
|
|
AUTH_SSO_PROVIDERS=google,github
|
|
```
|
|
|
|
### Email/Password with Verification
|
|
|
|
```bash
|
|
AUTH_EMAIL_VERIFICATION=1
|
|
SMTP_HOST=smtp.example.com
|
|
SMTP_PORT=587
|
|
SMTP_USER=noreply@example.com
|
|
SMTP_PASS=your-password
|
|
```
|
|
|
|
### Email/Password with Magic Link
|
|
|
|
```bash
|
|
AUTH_ENABLE_MAGIC_LINK=1
|
|
SMTP_HOST=smtp.example.com
|
|
SMTP_PORT=587
|
|
SMTP_USER=noreply@example.com
|
|
SMTP_PASS=your-password
|
|
```
|
|
|
|
<Callout type={'tip'}>
|
|
Go to [Environment Variables](/docs/self-hosting/environment-variables/auth)
|
|
for detailed information on all authentication variables.
|
|
</Callout>
|