-
Notifications
You must be signed in to change notification settings - Fork 0
/
auth.yaml
186 lines (174 loc) · 5.74 KB
/
auth.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
# Configuration for Hasura Auth
# All values in this configuration are strings, including boolean and integer
# values.
# Configuration for default providers
# Each provider has the following fields:
# `enabled` : To mark if the provider is enabled. Valid values are "true" or
# "false".
# `defaultRoles`: Specify the roles that get added when a user signs-up. By
# default the user role is added (even when the list does not contain "user").
# If you do not want any extra roles, leave it as an empty list.
# Example: the below two examples are same
# defaultRoles: ["user", "admin"]
# defaultRoles: ["admin"]
defaultProviders:
username:
enabled: "true"
defaultRoles: []
email:
enabled: "false"
defaultRoles: []
mobile:
enabled: "false"
defaultRoles: []
mobile-password:
enabled: "false"
defaultRoles: []
google:
enabled: "false"
defaultRoles: []
facebook:
enabled: "false"
defaultRoles: []
github:
enabled: "false"
defaultRoles: []
linkedin:
enabled: "false"
defaultRoles: []
# Session related configuration
session:
# Name of the cookie. This is usually set to your cluster's domain. No need
# to edit this in normal circumstances.
cookieName: {{ cluster.name }}
# if the cookie should be sent over https only. Stick to "true".
cookieSecure: "true"
# The default age of a user session in seconds. Default: 181440 (3 weeks)
sessionAge: "1814400"
# Configuration related to the email provider
email:
# email address of the sender for verification emails
verifyEmailFrom: [email protected]
# Name of the sender for verification emails
verifEmailFromName: admin
# Subject for verification emails
verifyEmailSubject: MyAwesomeApp - Verify your account
# Template for verification emails. HTML can be used in the template. The
# template is a Jinja template. Leave the "{{token}}" as it is. It will be
# used by the auth service to inject the actual token when sending the email.
verifyTemplate: |
Hi, Please click on <br/>
https://auth.{{ cluster.name }}.hasura-app.io/v1/providers/email/verify-email?token={{ "{{token}}" }}
to verify your email.
# Email verification token expiry time in days
verifyTokenExpires: "7"
# email address of the sender for forgot password emails
forgotPassEmailFrom: [email protected]
# Name of the sender for forgot password emails
forgotPassEmailFromName: admin
# Subject for forgot password emails
forgotPassEmailSubject: MyAwesomeApp - Reset password request
# Template for forgot password emails. HTML can be used in the template. The
# template is a Jinja template. Leave the "{{token}}" as it is. It will be
# used by the auth service to inject the actual token when sending the email.
forgotPassTemplate: |
Hi, <br/> Click on
https://auth.{{ cluster.name }}.hasura-app.io/v1/providers/email/reset-password?token={{ "{{token}}" }}
to reset your password.
# Forgot password reset token expiry time in days
resetTokenExpires: "7"
# Configuration for the mobile provider
mobile:
# Template for the SMS that is sent. This is a Jinja template. Leave the
# "{{otp}}" as it is. It will be used by the auth service to inject the
# actual token.
smsTemplate: |
Verify your acccount with MyAwesomeApp! Your OTP is {{ "{{otp}}" }}.
# OTP expiry time in minutes
otpExpiryTime: "15"
# Configuration for the mobile-password provider
mobilePassword:
# Template for the SMS that is sent. This is a Jinja template. Leave the
# "{{otp}}" as it is. It will be used by the auth service to inject the
# actual token.
smsTemplate: |
Verify your acccount with MyAwesomeApp! Your OTP is {{ "{{otp}}" }}.
# OTP expiry time in minutes
otpExpiryTime: "15"
# Configuration for password
password:
# minimum length of the password allowed.
minLength: "8"
# Below fields are all optional
#
# Configuration for google provider
#google:
# # list of the all the client ids generated for your Google app
# clientIds: ["xxxxxx", "yyyyyy"]
#
# Configuration for facebook provider
#facebook:
# # your facebook app client id
# clientId: xxxxxxxxx
# # your facebook app client secret
# clientSecret:
# secretKeyRef:
# key: auth.facebook.client_secret
# name: hasura-secrets
#
# Configuration for github provider
#github:
# # your github app client id
# clientId: xxxxxxxxx
# # your github app client secret
# clientSecret:
# secretKeyRef:
# key: auth.github.client_secret
# name: hasura-secrets
#
# Configuration for linkedin provider
#linkedin:
# # your linkedin app client id
# clientId: xxxxxxxxx
# # your linkedin app client secret
# clientSecret:
# secretKeyRef:
# key: auth.linkedin.client_secret
# name: hasura-secrets
# Configuration for adding a custom provider
#customProviders:
# myCustomProvider:
# enabled: "true",
# hooks:
# signup: "https://mycustomprovider.test42.hasura-app.io/signup"
# login: "https://mycustomprovider.test42.hasura-app.io/login"
# merge: "https://mycustomprovider.test42.hasura-app.io/merge"
# defaultRoles: ["admin"]
# The below fields are used by the platform when initializing. Please do not
# edit these configuration
postgres:
database: hasuradb
host: postgres.{{ cluster.metadata.namespaces.hasura }}
password:
secretKeyRef:
key: postgres.password
name: hasura-secrets
port: "5432"
user:
secretKeyRef:
key: postgres.user
name: hasura-secrets
redis:
cred: null
host: session-redis.{{ cluster.metadata.namespaces.hasura }}
port: "6379"
notifyDomain: http:https://notify.{{ cluster.metadata.namespaces.hasura }}
superUser:
password:
secretKeyRef:
key: auth.admin.password
name: hasura-secrets
username: admin
# optional fields
# email: [email protected]
# mobile: 987654321