docs/self-hosting/auth/providers/password.mdx
LobeHub supports traditional email and password authentication out of the box. This guide covers the available configuration options.
By default, email/password authentication is enabled. Users can register with their email address and set a password.
If you want to force users to authenticate via SSO providers only, set the following environment variable:
| Environment Variable | Type | Description |
|---|---|---|
AUTH_DISABLE_EMAIL_PASSWORD | Optional | Set to 1 to disable email/password login |
When enabled:
<Callout type={'warning'}>
Before enabling SSO-only mode, ensure you have configured at least one SSO
provider via AUTH_SSO_PROVIDERS. Otherwise, users will have no way to log
in.
</Callout>
To require users to verify their email address before signing in:
| Environment Variable | Type | Description |
|---|---|---|
AUTH_EMAIL_VERIFICATION | Optional | Set to 1 to require email verification |
This requires configuring an email service (SMTP). See Email Service Configuration for details.
To allow passwordless login via email magic links:
| Environment Variable | Type | Description |
|---|---|---|
AUTH_ENABLE_MAGIC_LINK | Optional | Set to 1 to enable magic link login |
This also requires configuring an email service (SMTP).
Users can change their password in two ways:
<Callout type={'info'}> Both methods require email service (SMTP) to be configured for sending password reset emails. </Callout>
AUTH_DISABLE_EMAIL_PASSWORD=1
AUTH_SSO_PROVIDERS=google,github
AUTH_EMAIL_VERIFICATION=1
SMTP_HOST=smtp.example.com
SMTP_PORT=587
[email protected]
SMTP_PASS=your-password
AUTH_ENABLE_MAGIC_LINK=1
SMTP_HOST=smtp.example.com
SMTP_PORT=587
[email protected]
SMTP_PASS=your-password
<Callout type={'tip'}> Go to Environment Variables for detailed information on all authentication variables. </Callout>