aboutsummaryrefslogtreecommitdiff
path: root/plugins/VNLib.Plugins.Essentials.Accounts/src/Essentials.Accounts.json
blob: 173ed5b5e43631e02574f2e400840dbd86b5c14a (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101

{
  "debug": false,

  //endpoints (any or all can be commented out if not needed)

  "login_endpoint": {
    "path": "/account/login",
    "max_login_attempts": 10, //10 failed attempts in 10 minutes
    "failed_attempt_timeout_sec": 600 //10 minutes
  },

  "keepalive_endpoint": {
    "path": "/account/keepalive",
    //Regen token every 15 mins along with cookies
    "token_refresh_sec": 600 //15 minutes
  },

  "profile_endpoint": {
    "path": "/account/profile"
  },

  "password_endpoint": {
    "path": "/account/reset"
  },

  "mfa_endpoint": {
    "path": "/account/mfa"
  },

  "logout_endpoint": {
    "path": "/account/logout"
  },

  "pki_auth_endpoint": {
    "path": "/account/pki",
    "jwt_time_dif_sec": 30,

    "max_login_attempts": 10,
    "failed_attempt_timeout_sec": 600,

    //Configures the PATCH and DELETE methods to update the user's stored key when logged in
    "enable_key_update": true
  },

  "fido_endpoint": {
    "path": "/account/fido"
  },

  //If mfa is defined, configures mfa enpoints and enables mfa logins
  "mfa": {
    "upgrade_expires_secs": 180,
    "nonce_size": 64,

    //Defines totp specific arguments
    "totp": {
      "digits": 6,
      "issuer": "vaughnnugent.com",
      "period_secs": 30,
      "algorithm": "sha1",
      "secret_size": 32,
      "window_size": 2
    },

    "fido": {
      "challenge_size": 64,
      "timeout": 60000,
      "attestation_type": "none",
      "site_name": "localhost",

      "authenticator_selection": {
        "authenticatorAttachment": "cross-platform",
        "requireResidentKey": false,
        "userVerification": "preferred"
      }
    }
  },

  //Defines the included account provider
  "account_security": {
    //Time in seconds before a session is considered expired
    "session_valid_for_sec": 3600,

    //Path/domain for all security cookies
    "cookie_domain": "",
    "cookie_path": "/",

    "status_cookie_name": "li",

    "otp_header_name": "X-Web-Token",
    "otp_time_diff_sec": 30,
    "otp_key_size": 64,

    "pubkey_cookie_name": "client-id",
    "pubkey_signing_key_size": 32,

    "strict_origin": false,
    "strict_path": false,

    //"allowed_origins": [ ]
  }
}
generated by cgit (git 2.46.0) at 2024-10-01 19:15:16 +0000