4.1. Access rights for unauthenticated visitors

Contents

If user block is visible as it is by default after installing a new website, then the "Log in" button in user block opens "Log in / register" window.
By default this window includes only authenticating fields Username and Password.

If you wish, that visitors can open user accounts, then you can add to this user block register/sign-up and/or recovery and/or email verifying links.
These links would refer to corresponding User module methods and first you should give access rights to these methods for user role anonymous.

There are following methods, which you should consider, whether to give access right to these methods for the unauthenticated visitor role anonymous or not.
These methods with their URLs are:
[path-to-your-site]/user/register,
[path-to-your-site]/user/sign-up,
[path-to-your-site]/user/recovery,
[path-to-your-site]/user/send-verifying-code,
[path-to-your-site]/user,
[path-to-your-site]/user/login,
[path-to-your-site]/user/verify-email.

From these methods register, sign-up, recovery and send-verifying-code are related to user block customizable links. It is suggested to give access right to one method: register or sign-up, not to both of them, depending on the way, how you wish to allow automatic account registration. The method verify-email is related to the verifying URL, which will be sent by email, after submitting the account registering request on register or sign-up page or after sending such request on the page send-verifying-code. The method send-verifying-code is just another request, which a user can make to verify his/her email, which has been submitted for registering before. The URL [path-to-your-site]/user is showing log in form, if visitor is not authenticated, otherwise it is showing log out button. User block login form doesn't need, that any login method has access right, but if you wish to use it (show it), then this block itself should have access right for anonymous and authenticated role as it is by default. The URL [path-to-your-site]/user/login is just an alternative way to log in.

To give access right for role anonymous to one or more of these methods, go to URL:
[path-to-your-site]/system-manager/manage-access,
Select module: User
Select role: anonymous.
Then you should see a table, where User module methods are listed.
Tick checkbox in column "Change access" in rows, where "Event name" is
register or signUp or recoverAccount or sendVerifyingCode or index or login and click the button "Save changes".

Now an unauthenticated visitor should have access to the above mentioned URLs, where you ticked the checkbox for the corresponding rows.