From bd3a7a25792b837c5f28c7580adf132abc6f35e7 Mon Sep 17 00:00:00 2001
From: vnugent <public@vaughnnugent.com>
Date: Sun, 25 Feb 2024 01:11:06 -0500
Subject: Squashed commit of the following:

commit 069f81fc3c87c437eceff756ddca7a4c1b58044d
Author: vnugent <public@vaughnnugent.com>
Date:   Sat Feb 24 22:33:34 2024 -0500

    feat: #3 setup mode, admin signup, fixes, and contianerize!

commit 97ffede9eb312fca0257afa06969d47a12703f3b
Author: vnugent <public@vaughnnugent.com>
Date:   Mon Feb 19 22:26:03 2024 -0500

    feat: new account setup and invitation links

commit 1c8f59bc0a1b25ce5013b0f1fc7fa73c0de415d6
Author: vnugent <public@vaughnnugent.com>
Date:   Thu Feb 15 16:49:59 2024 -0500

    feat: update packages, drag/drop link, and fix some button padding
---
 .../Essentials.Accounts-template.json              | 76 ++++++++++++++++++++++
 1 file changed, 76 insertions(+)
 create mode 100644 ci/container/config-templates/Essentials.Accounts-template.json

(limited to 'ci/container/config-templates/Essentials.Accounts-template.json')

diff --git a/ci/container/config-templates/Essentials.Accounts-template.json b/ci/container/config-templates/Essentials.Accounts-template.json
new file mode 100644
index 0000000..6e36986
--- /dev/null
+++ b/ci/container/config-templates/Essentials.Accounts-template.json
@@ -0,0 +1,76 @@
+{
+  "debug": false,
+
+  //endpoints
+
+  "login_endpoint": {
+    "path": "/api/account/login",
+    "max_login_attempts": ${MAX_LOGIN_ATTEMPS}, //10 failed attempts in 10 minutes
+    "failed_attempt_timeout_sec": 600 //10 minutes
+  },
+
+  "keepalive_endpoint": {
+    "path": "/api/account/keepalive",
+    //Regen token every 10 mins along with cookies
+    "token_refresh_sec": 600 //10 minutes
+  },
+
+  "profile_endpoint": {
+    "path": "/api/account/profile"
+  },
+
+  "password_endpoint": {
+    "path": "/api/account/reset"
+  },
+
+  "mfa_endpoint": {
+    "path": "/api/account/mfa"
+  },
+
+  "logout_endpoint": {
+    "path": "/api/account/logout"
+  },
+
+  "pki_auth_endpoint": {
+    "path": "/api/account/pki",
+    "jwt_time_dif_sec": 30,
+    "max_login_attempts": 10,
+    "failed_attempt_timeout_sec": 600,
+    //Configures the PATCH and DELETE methods to update the user's stored key when logged in
+    "enable_key_update": true
+  },
+
+  //If mfa is defined, configures mfa enpoints and enables mfa logins
+  "mfa": {
+    "upgrade_expires_secs": 180,
+    "nonce_size": 64,
+
+    //Defines totp specific arguments
+    "totp": {
+      "digits": 6,
+      "issuer": "Simple-Bookmark",
+      "period_secs": 30,
+      "algorithm": "sha1",
+      "secret_size": 32,
+      "window_size": 2
+    }
+  },
+
+  //Defines the included account provider
+  "account_security": {
+    //Time in seconds before a session is considered expired
+    "session_valid_for_sec": 3600,
+    //Path/domain for all security cookies
+    "cookie_domain": "",
+    "cookie_path": "/",
+    "status_cookie_name": "li", //front-end cookie name must match to detect login status
+    "otp_header_name": "X-Web-Token", //Front-end header name must match
+    "otp_time_diff_sec": 30,
+    "otp_key_size": 64,
+    "pubkey_cookie_name": "client-id",
+    "pubkey_signing_key_size": 32,
+    "strict_origin": false,
+    "strict_path": true,  //Can be enabled if front-end is running on the same server
+    //"allowed_origins": [""]
+  }
+}
\ No newline at end of file
-- 
cgit