diff options
Diffstat (limited to 'plugins/VNLib.Plugins.Essentials.Accounts/src/Essentials.Accounts.json')
-rw-r--r-- | plugins/VNLib.Plugins.Essentials.Accounts/src/Essentials.Accounts.json | 94 |
1 files changed, 94 insertions, 0 deletions
diff --git a/plugins/VNLib.Plugins.Essentials.Accounts/src/Essentials.Accounts.json b/plugins/VNLib.Plugins.Essentials.Accounts/src/Essentials.Accounts.json new file mode 100644 index 0000000..73529ee --- /dev/null +++ b/plugins/VNLib.Plugins.Essentials.Accounts/src/Essentials.Accounts.json @@ -0,0 +1,94 @@ +{ + "debug": false, + + //endpoints (any or all can be commented out if not needed) + + "login_endpoint": { + "path": "/account/login", + "max_login_attempts": 10, //10 failed attempts in 10 minutes + "failed_attempt_timeout_sec": 600 //10 minutes + }, + + "keepalive_endpoint": { + "path": "/account/keepalive", + //Regen token every 15 mins along with cookies + "token_refresh_sec": 600 //15 minutes + }, + + "profile_endpoint": { + "path": "/account/profile" + }, + + "password_endpoint": { + "path": "/account/reset" + }, + + "mfa_endpoint": { + "path": "/account/mfa" + }, + + "logout_endpoint": { + "path": "/account/logout" + }, + + "pki_auth_endpoint": { + "path": "/account/pki", + "jwt_time_dif_sec": 30, + + "max_login_attempts": 10, + "failed_attempt_timeout_sec": 600, + + //Configures the PATCH and DELETE methods to update the user's stored key when logged in + "enable_key_update": true + }, + + //If mfa is defined, configures mfa enpoints and enables mfa logins + "mfa": { + "upgrade_expires_secs": 180, + "nonce_size": 64, + + //Defines totp specific arguments + "totp": { + "digits": 6, + "issuer": "vaughnnugent.com", + "period_secs": 30, + "algorithm": "sha1", + "secret_size": 32, + "window_size": 2 + }, + + "fido": { + "challenge_size": 64, + "attestation": "none", + "timeout": 60000, + "site_name": "vaughnnugent.com", + + "authenticatorSelection": { + "authenticatorAttachment": "cross-platform", + "requireResidentKey": false, + "userVerification": "required" + } + } + }, + + //Defines the included account provider + "account_security": { + //Time in seconds before a session is considered expired + "session_valid_for_sec": 3600, + + //Path/domain for all security cookies + "cookie_domain": "", + "cookie_path": "/", + + "status_cookie_name": "li", + + "otp_header_name": "X-Web-Token", + "otp_time_diff_sec": 30, + "otp_key_size": 64, + + "pubkey_cookie_name": "client-id", + "pubkey_signing_key_size": 32, + + "strict_origin": false + } +}
\ No newline at end of file |