GigsRabbit / Docs
Buy

Authentication Settings

v1.0.0 3 min read 4 views Last updated: 12 hours ago

Authentication Settings

Control how users register and verify their accounts in your marketplace.

Accessing Auth Settings

Navigate to Settings > Auth in your admin panel.

Account Verification Settings

Verification Required:

  • Toggle ON to require new users to verify their accounts
  • Toggle OFF to let users access immediately after registration
  • Recommended: Keep ON to reduce spam accounts

Verification Method: Choose how users verify their accounts:

  • Admin Manual - You manually approve each user from dashboard
  • Email - Users verify via email link (automated)

Verification Expiry Period:

  • Set how long (in minutes) the verification link remains valid
  • Default: 1440 minutes (24 hours)
  • Example: 60 = 1 hour, 1440 = 24 hours

Password Reset Expiry Period:

  • How long (in minutes) password reset links remain valid
  • Default: 120 minutes (2 hours)
  • Shorter time = more secure

Authentication Screen

Background Image:

  • Upload a wallpaper for login/register pages
  • Accepted formats: JPG, PNG, JPEG, GIF, SVG
  • Creates branded experience for users

Default User Levels

Default Buyer Level:

  • Select which level new buyers start at
  • Levels control permissions and limits
  • Usually set to most basic buyer level

Default Seller Level:

  • Select which level new sellers start at
  • Controls what sellers can do initially
  • Usually set to basic seller level

Social Login Configuration

The system supports 5 social login methods:

1. Facebook Login:

  • Enable/Disable toggle
  • Facebook Client ID field
  • Facebook Client Secret field

2. Twitter Login:

  • Enable/Disable toggle
  • Twitter Client ID field
  • Twitter Client Secret field

3. Google Login:

  • Enable/Disable toggle
  • Google Client ID field
  • Google Client Secret field

4. GitHub Login:

  • Enable/Disable toggle
  • GitHub Client ID field
  • GitHub Client Secret field

5. LinkedIn Login:

  • Enable/Disable toggle
  • LinkedIn Client ID field
  • LinkedIn Client Secret field

How to Setup Social Login

Example: Setting up Google Login

  1. Go to Google Cloud Console
  2. Create new project or select existing
  3. Enable Google+ API
  4. Create OAuth 2.0 credentials
  5. Add authorized redirect URI: yourdomain.com/auth/google/callback
  6. Copy Client ID and Client Secret
  7. In admin panel:
    • Toggle "Enable Google Login" ON
    • Paste Client ID
    • Paste Client Secret
    • Save changes

Best Practices

For New Marketplaces:

  1. Start with email verification only
  2. Keep verification required ON
  3. Set reasonable expiry times
  4. Add social logins after launch

For Security:

  1. Keep verification expiry short (24 hours)
  2. Password reset expiry even shorter (2 hours)
  3. Use manual approval for high-risk regions
  4. Monitor failed verification attempts

Troubleshooting

Verification emails not sending:

  • Check SMTP configuration first
  • Verify email templates exist
  • Check spam folders

Social login not working:

  • Verify Client ID and Secret are correct
  • Check callback URLs match exactly
  • Ensure APIs are enabled in provider dashboard
  • Clear cache after changes

Users stuck in verification:

  • Check verification method setting
  • If manual, check pending verifications
  • Verify email service is working
Tags: authentication login registration
Previous
Security Configuration