sparse-vegetable-80161
05/26/2023, 10:02 AMmd5 hasher
in self-host kratos ? I saw someone implement in the github , but I can't use the md5 hasher in my quick start yaml file .
here is my yaml file
version: v0.13.0
dsn: memory
serve:
public:
base_url: <http://127.0.0.1:4433/>
cors:
enabled: true
admin:
base_url: <http://kratos:4434/>
dev: true
selfservice:
default_browser_return_url: <http://127.0.0.1:4455/>
allowed_return_urls:
- <http://127.0.0.1:4455>
methods:
password:
enabled: true
totp:
config:
issuer: Kratos
enabled: true
lookup_secret:
enabled: true
link:
enabled: true
code:
enabled: true
flows:
error:
ui_url: <http://127.0.0.1:4455/error>
settings:
ui_url: <http://127.0.0.1:4455/settings>
privileged_session_max_age: 15m
required_aal: highest_available
recovery:
enabled: true
ui_url: <http://127.0.0.1:4455/recovery>
use: code
verification:
enabled: true
ui_url: <http://127.0.0.1:4455/verification>
use: code
after:
default_browser_return_url: <http://127.0.0.1:4455/>
logout:
after:
default_browser_return_url: <http://127.0.0.1:4455/login>
login:
ui_url: <http://127.0.0.1:4455/login>
lifespan: 10m
registration:
lifespan: 10m
ui_url: <http://127.0.0.1:4455/registration>
after:
password:
hooks:
- hook: session
- hook: show_verification_ui
log:
level: debug
format: text
leak_sensitive_values: true
secrets:
cookie:
- PLEASE-CHANGE-ME-I-AM-VERY-INSECURE
cipher:
- 32-LONG-SECRET-NOT-SECURE-AT-ALL
ciphers:
algorithm: xchacha20-poly1305
hashers:
algorithm: md5
identity:
default_schema_id: default
schemas:
- id: default
url: file:///etc/config/kratos/identity.schema.json
courier:
smtp:
connection_uri: <smtps://test:test@mailslurper:1025/?skip_ssl_verify=true>
bland-eye-99092
05/26/2023, 10:04 AMsparse-vegetable-80161
05/26/2023, 11:49 AMsparse-vegetable-80161
05/26/2023, 11:52 AMsparse-vegetable-80161
05/26/2023, 11:52 AMbland-eye-99092
05/26/2023, 11:53 AMsparse-vegetable-80161
05/26/2023, 11:54 AMsparse-vegetable-80161
06/08/2023, 3:53 PMmd5
password to login kratos. or I missing some configuration? I try to use md5 & base64 , I still can't login. But like you say , kratos can re-hash password when I use the {ssha}
prefix or other hash method.
here is my import user :
{
"schema_id": "default",
"traits": {
"email": "<mailto:md5_base64@test.com|md5_base64@test.com>",
"name": {
"last_name": "asdf",
"first_name": "asdf"
}
},
"credentials": {
"password": {
"config": {
"hashed_password": "$md5$<my_hashed_password_and_base64>"
}
}
}
}
kratos.yaml
serve:
public:
base_url: <http://127.0.0.1:4433/>
admin:
base_url: <http://kratos:4434/>
selfservice:
default_browser_return_url: <http://127.0.0.1:4455/welcome>
allowed_return_urls:
- <http://127.0.0.1:4455/welcome>
methods:
password:
enabled: true
flows:
settings:
ui_url: <http://127.0.0.1:4455/settings>
verification:
ui_url: <http://127.0.0.1:4455/verification>
enabled: false
recovery:
ui_url: <http://127.0.0.1:4455/recovery>
enabled: false
logout:
after:
default_browser_return_url: <http://127.0.0.1:4455/login>
login:
ui_url: <http://127.0.0.1:4455/login>
after:
default_browser_return_url: <http://127.0.0.1:4455/welcome>
registration:
ui_url: <http://127.0.0.1:4455/registration>
after:
password:
hooks:
- hook: session
error:
ui_url: <http://127.0.0.1:4455/error>
log:
level: debug
hashers:
algorithm: bcrypt
identity:
schemas:
- id: default
url: file:///etc/config/kratos/identity.schema.json
courier:
smtp:
connection_uri: <smtps://test:test@mailslurper:1025/?skip_ssl_verify=true>
oauth2_provider:
url: <http://hydra:4445>
sparse-vegetable-80161
06/08/2023, 4:24 PMsparse-vegetable-80161
06/08/2023, 4:42 PMsparse-vegetable-80161
06/09/2023, 9:17 AM