forked from sigp/lighthouse
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Feat: lighthouse book - ui authentication (sigp#4232)
## Proposed Changes Added page explanation for authentication under Siren UI book. ## Additional Info Please provide any additional information. For example, future considerations or information useful for reviewers.
- Loading branch information
1 parent
2320cdb
commit b3fed3a
Showing
7 changed files
with
37 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
# Authentication | ||
|
||
To enhance the security of your account, we offer the option to set a session password. This allows the user to avoid re-entering the api-token when performing critical mutating operations on the validator. Instead a user can simply enter their session password. In the absence of a session password, Siren will revert to the api-token specified in your configuration settings as the default security measure. | ||
|
||
> This does not protect your validators from unauthorized device access. | ||
![](imgs/ui-session-auth.png) | ||
|
||
Session passwords must contain at least: | ||
|
||
- 12 characters | ||
- 1 lowercase letter | ||
- 1 uppercase letter | ||
- 1 number | ||
- 1 special character | ||
|
||
|
||
## Protected Actions | ||
|
||
Prior to executing any sensitive validator action, Siren will request authentication of the session password or api-token. | ||
|
||
![](imgs/ui-exit.png) | ||
|
||
|
||
In the event of three consecutive failed attempts, Siren will initiate a security measure by locking all actions and prompting for configuration settings to be renewed to regain access to these features. | ||
|
||
![](imgs/ui-fail-auth.png) | ||
|
||
## Auto Connect | ||
|
||
In the event that auto-connect is enabled, refreshing the Siren application will result in a prompt to authenticate the session password or api-token. If three consecutive authentication attempts fail, Siren will activate a security measure by locking the session and prompting for configuration settings to be reset to regain access. | ||
|
||
![](imgs/ui-autoconnect-auth.png) |