MetroIPO

Appearance

On this page

Frequently Asked Questions

What other application(s) does Metro depend on?

Metro only depends on the Depend API provided by the JCSD.

What are the User password requirements?

Password must have at least 8 characters. Passwords must contain upper and lowercase letters, a number and special character.

How many incorrect attempts can users make?

All users receive 3 attempts to enter an incorrect password. If they get it wrong again a fourth time, then a security email will be sent to them.

Is there password expiration?

Not currently.

Are previous passwords stored to prevent re-use? If so, how many hashes are stored?

No, they aren't. However, a client isn't allowed to reset their password to the one that is currently stored in the database.

Is there a system timeout?

Yes. Users are logged out after 20 minutes of inactivity by default. However, you can change the JWT_TTL variable in the .env file located in the application's root folder. Please note that this variable accepts a number which represents the time in minutes.

JWT_TTL set to expire in 60 minutes. Meaning, a client will be logged out 60 minutes after logging into the application

Does Metro allow multiple sessions?

Concurrent sessions are not allowed. There is a prompt that allows a user to log out of sessions on other devices built into the system.

How do I get access to the NGINX logs?

  • SSH into the admin server
  • Go to the path where the app is installed: cd /var/www/metro/admin/dashboard/docker
  • Run docker ps to list the running containers

List of docker containers with the name of the NGINX container highlighted.

  • Copy the name of the container
  • Now type docker logs [nginx container name] to see the logs. If you want to send them to a file, you can run this command: docker logs [nginx container name] > log.txt

What do I do if a user has enabled 2fa and is unable to access their 2fa codes?

If a user is locked out of their account due to losing access to their 2fa information, simply navigate to their account page on the admin dashboard, scroll to the bottom of the page, and disable 2fa manually.

To get to the user's page, navigate to the "Clients" page shown on the side navigation, search for the corresponding user, and click "View".

© Copyright 2022. Orba Technology Holdings.