Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement Ory [WIP] #242

Open
wants to merge 13 commits into
base: main
Choose a base branch
from
Open

Implement Ory [WIP] #242

wants to merge 13 commits into from

Conversation

duggalsu
Copy link
Contributor

NOT PRODUCTION READY

This will resolve #235

@duggalsu
Add Ory IAM setup
cd74a9a 
- Added sonarqube folder to gitignore
- Added modified Ory email-password template
- Added totp to show account name in kratos schema
- Disabled magic links for recovery in kratos config
- Enabled login only for verified emails in kratos config
- Disabled login after registration in kratos config
@duggalsu
Modify kratos config
9e46a96 
- Added default password config keys
- Added a 15 min lifespan to any use of codes eg verification, recovery
- Added a 15 min lifespan to verification and recovery URLs - match the code lifespan
- Modified verification flow to go to login page
- Added key to enable/disable registration in config
- Disabled leak sensitive values and replace with redacted text in logs
- Modified hashing cost
- Added default session key values
- Enforce MFA if set up
@duggalsu
Merged and renamed docker compose files
809659e
@duggalsu
- Updated Kratos version to current
77ab284 
- Updated postgres version to current
- Added methods that are explictly disabled - oidc, webauthn
- Disabled changing protected profile fields
@duggalsu
- Removed kratos-sqlite volume
f56714c 
- Added hibp password defaults
@duggalsu
- Modified TOTP issuer
886cf9c
@duggalsu
- Updated kratos-selfservice-ui-node version
38f9960
@duggalsu
- Added working Ory Oathkeeper proof of concept
603e0f8
@duggalsu
- Updated Ory Oathkeeper to latest version
96a15b9
@duggalsu
- Updated password hashing algorithm as per OWASP recommendation
c2a5595
@duggalsu
- Updated Oathkeeper version
4b4a09f 
- Modified Oathkeeper config
@duggalsu
- Renamed docker files
43c127f 
- Disabled exposed kratos ports
@duggalsu
Harden docker compose files
0a8cae9 
- Added read_only option to containers
- Dropped all container capabilities by default
- Enabled no new privileges for containers
- Modified log level to info
- Updated postgres container version
- Updated ports formatting as strings
@github-actions github-actions bot added the stale label Oct 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
stale
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Explore Authentication Solution for the Community Features
1 participant
@duggalsu