User Settings
Description
The User Settings module provides a simple interface for users to change their settings (such as email address, password and landing page) and set up 2FA.
Features
- Change email address
- Change password
- Change landing page
- Notifications (for Ambience only)
- Set up 2FA
The type of password that can be used depends on the policy being setup in the application.conf file. Administrators can setup parameters such as minimum length, what a password should contains, what kind of password phrases should not be allowed, etc. Refer to Application Config File Guide on how to define the password policy and localise the language of the information to be displayed.
This module is available for both Ambience and Repertoire software suite.
Module Interface
| Interface | Description | Required Privilege |
|---|---|---|
| User Settings | Allows changing of email address, password and landing page. | mod-user-settings |
Change Email Address
To change the email address, select the “Email Address” option in the left panel.
Key in the new email address and the login password in the “Change Email Address” panel. Click on the “Request Email Address Change” button.
The relevant error message will appear if the password entered is incorrect or if the any field is left blank.
If the password is correct, a validation code will be sent to the new email address. Key in the validation code and click on the “Verify Email Change” button.
If the verification fails, an error message will appear.
Upon successful verification, a message will appear.
Change Password
To change the password, select the “Password” option in the left panel.
The “Change Password” panel will appear.
Key in the old password and the new password twice in the “Change Password” panel. Click on the “Request Password Change” button.
If the existing password or new password is incorrect or left blank, the relevant error message will appear.
If the passwords are correct, a validation code will be sent to the user’s email address. Key in the validation code and click on the “Verify Password Change” button.
If the verification is incorrect, an error message will appear.
Upon successful password change, a message will appear.
Do note that if the email that sends the validation code is turned off in the application.conf file, the “Verify Password Change” section will not appear. Thus, the password will be changed immediately without verification. Refer to the Application Config File Guide in Support Documents for more details.
Change Landing Page
When the Ambience/Repertoire software launches, a default page is displayed.
By default, the landing page is chosen by the administrator and the landing page is the Service Chooser page. As a user, you can change landing page. You can either select a dashboard from the drop-down list (if you have the correct dashboard privileges). Or select URL and key in a web address.
Click on the “Landing Page” option in the left panel to change the page.
The “Change Landing Page” panel will appear. If the user does not have the mod-dashboards privilege, the “Dashboard” option will not appear.
For Repertoire, there are only two options; the default and URL options. The dashboard option is not available, as shown below.
A message will appear after the landing page has been successfully changed.
User Sessions
The User Session shows all the sessions of the same user in the server. This is useful in production, allowing user to view the number of sessions currently running in teh server and deleting unwanted sessions.
To view the user sessions information, select the “User Sessions” option in the left panel.
The “User Sessions” panel will appear.
The current IP is shown at the top. The table below shows all the sessions of the user (including current session). The “Client IP” list the IP of the session. The “Created” column denotes the time the session is created. The “Expires” columns denotes the time the session will expires if left untouched (i.e., the session will be terminated).
To delete a session, click on the 
“Delete” icon under the “Actions” column.
Notifications
To manage notifications in Ambience, select the “Notifications” option in the left panel.
The “Manage Notifications” panel will appear.
Bu default, the “Send As Ambience Message” is selected. Select at least one option and click on the “Save Preferences” button.
If no option is selected, a warning message will appear.
A message will appear after the preference is saved.
Do note that this function is not available for Repertoire.
Two Factor Authentication
The Time-based One-time Password (TOTP) Two-factor Authentication (2FA) is optional in Ambience.
By default, the TOTP 2FA in Ambience is disabled. Users can set up their own 2FA, once the option has been enabled globally via the application.conf file.
To setup 2FA, select the “2FA” option in the left panel.
The “Two Factor Authentication” panel will appear.
To set up the TOTP 2FA, click on the “Setup” button to display the QR code.
Open any TOTP 2FA Authenticator app (such as Google Authenticator) on your phone and scan the QR code. The app will register ElixirAmbience (<username>) and gives you a 6-digit code, which will change every 30 seconds. Ambience provides a minute window to allow for clock drift. Ensure your phone and the Ambience server is in sync.
Enter the code as your 2FA verification code (with or without space) and click on the “Confirm” button. Once the authentication is completed, the “TOTP 2FA Enabled” panel will appear.
If the wrong code (6-digit, less than 6-digit) or no code is entered, error messages will appear accordingly.
To check if the 2FA works, try logging out and log in again. You will need the 2FA code to log in successfully. If a wrong code is entered, an error message will appear in the log in dialog box.
You can disable the 2FA by keying in the 6-digit code and click on the “Disable” button. A notification will appear after the 2FA has been disabled.
Alternatively, if you have the mod-identity privilege, you can use the Identity module to reset the 2FA.
Hiding Options
The “Email Address” and the “Password” options can be hidden from the left panel. To do so, add the following lines in the application.conf file in the “etc” folder.
ambience.user-settings.enable-panel.email = false
ambiecne.user-settings.enable-panel.password = false