mirror of
https://github.com/davidallendj/opaal.git
synced 2025-12-20 03:27:02 -07:00
Switched postgres for sqlite
This commit is contained in:
parent
4f7ad29e0d
commit
6d482cc60f
4 changed files with 45 additions and 110 deletions
|
|
@ -24,7 +24,7 @@ selfservice:
|
|||
base_redirect_uri: http://127.0.0.1:4433
|
||||
providers:
|
||||
- id: forgejo
|
||||
provider: forgejo
|
||||
provider: generic
|
||||
client_id: 7527e7b4-c96a-4df0-8fc5-00fde18bb65d
|
||||
client_secret: gto_cc5uvpb5lsdczkwnbarvwmbpv5kcjwg7nhbc75zt65yrfh2ldenq
|
||||
issuer_url: http://git.towk.local
|
||||
|
|
|
|||
21
docker/configs/kratos/oidc.jsonnet
Normal file
21
docker/configs/kratos/oidc.jsonnet
Normal file
|
|
@ -0,0 +1,21 @@
|
|||
local claims = {
|
||||
email_verified: false
|
||||
} + std.extVar('claims');
|
||||
|
||||
{
|
||||
identity: {
|
||||
traits: {
|
||||
// Allowing unverified email addresses enables account
|
||||
// enumeration attacks, especially if the value is used for
|
||||
// e.g. verification or as a password login identifier.
|
||||
//
|
||||
// Therefore we only return the email if it (a) exists and (b) is marked verified
|
||||
// by GitLab.
|
||||
[if "email" in claims && claims.email_verified then "email" else null]: claims.email,
|
||||
},
|
||||
verified_addresses: std.prune([
|
||||
// Carry over verified status from Social Sign-In provider.
|
||||
if 'email' in claims && claims.email_verified then { via: 'email', value: claims.email },
|
||||
]),
|
||||
},
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue