Invenio user management and authentication.
User and role management.
User registration, password reset/recovery and email verification.
Administration interface and CLI for managing users.
Session based authentication with session theft protection as well as “remember me” support.
Strong cryptographic password hashing with support for migrating password hashes (including Invenio v1.x) to new stronger algorithms.
Session activity tracking allowing users to e.g. logout of all devices.
Server-side session management.
JSON Web Token encoding and decoding support useful for e.g. CSRF-protection in REST APIs.
Invenio-Accounts relies on the following community packages to do all the heavy-lifting:
Further documentation is available on https://invenio-accounts.readthedocs.io/
This part of the documentation will show you how to get started in using Invenio-Accounts.
If you are looking for information on a specific function, class or method, this part of the documentation is for you.
Notes on how to contribute, legal information and changes are here for the interested.