174 lines
4.8 KiB
YAML
174 lines
4.8 KiB
YAML
|
version: 1
|
||
|
|
entries:
|
||
|
|
- identifiers:
|
||
|
|
slug: default-recovery-flow
|
||
|
|
id: flow
|
||
|
|
model: authentik_flows.flow
|
||
|
|
attrs:
|
||
|
|
name: Default recovery flow
|
||
|
|
title: Reset your password
|
||
|
|
designation: recovery
|
||
|
|
cache_count: 0
|
||
|
|
policy_engine_mode: any
|
||
|
|
compatibility_mode: false
|
||
|
|
layout: stacked
|
||
|
|
- identifiers:
|
||
|
|
field_key: password
|
||
|
|
label: Password
|
||
|
|
id: prompt-field-password
|
||
|
|
model: authentik_stages_prompt.prompt
|
||
|
|
attrs:
|
||
|
|
type: password
|
||
|
|
required: true
|
||
|
|
placeholder: Password
|
||
|
|
order: 0
|
||
|
|
sub_text: ""
|
||
|
|
placeholder_expression: false
|
||
|
|
- identifiers:
|
||
|
|
field_key: password_repeat
|
||
|
|
label: Password (repeat)
|
||
|
|
id: prompt-field-password-repeat
|
||
|
|
model: authentik_stages_prompt.prompt
|
||
|
|
attrs:
|
||
|
|
type: password
|
||
|
|
required: true
|
||
|
|
placeholder: Password (repeat)
|
||
|
|
order: 1
|
||
|
|
sub_text: ""
|
||
|
|
placeholder_expression: false
|
||
|
|
- identifiers:
|
||
|
|
name: default-recovery-skip-if-restored
|
||
|
|
id: default-recovery-skip-if-restored
|
||
|
|
model: authentik_policies_expression.expressionpolicy
|
||
|
|
attrs:
|
||
|
|
execution_logging: false
|
||
|
|
expression: |
|
||
|
|
return request.context.get('is_restored', False)
|
||
|
|
- identifiers:
|
||
|
|
name: default-recovery-email
|
||
|
|
id: default-recovery-email
|
||
|
|
model: authentik_stages_email.emailstage
|
||
|
|
attrs:
|
||
|
|
use_global_settings: true
|
||
|
|
host: localhost
|
||
|
|
port: 25
|
||
|
|
username: ""
|
||
|
|
use_tls: false
|
||
|
|
use_ssl: false
|
||
|
|
timeout: 10
|
||
|
|
from_address: system@authentik.local
|
||
|
|
token_expiry: 30
|
||
|
|
subject: authentik
|
||
|
|
template: email/password_reset.html
|
||
|
|
activate_user_on_success: true
|
||
|
|
- identifiers:
|
||
|
|
name: default-recovery-user-write
|
||
|
|
id: default-recovery-user-write
|
||
|
|
model: authentik_stages_user_write.userwritestage
|
||
|
|
attrs:
|
||
|
|
create_users_as_inactive: false
|
||
|
|
create_users_group: null
|
||
|
|
user_path_template: ""
|
||
|
|
- identifiers:
|
||
|
|
name: default-recovery-identification
|
||
|
|
id: default-recovery-identification
|
||
|
|
model: authentik_stages_identification.identificationstage
|
||
|
|
attrs:
|
||
|
|
user_fields:
|
||
|
|
- email
|
||
|
|
- username
|
||
|
|
password_stage: null
|
||
|
|
case_insensitive_matching: true
|
||
|
|
show_matched_user: true
|
||
|
|
enrollment_flow: null
|
||
|
|
recovery_flow: null
|
||
|
|
passwordless_flow: null
|
||
|
|
sources: []
|
||
|
|
show_source_labels: false
|
||
|
|
- identifiers:
|
||
|
|
name: default-recovery-user-login
|
||
|
|
id: default-recovery-user-login
|
||
|
|
model: authentik_stages_user_login.userloginstage
|
||
|
|
attrs:
|
||
|
|
session_duration: seconds=0
|
||
|
|
- identifiers:
|
||
|
|
name: Change your password
|
||
|
|
name: stages-prompt-password
|
||
|
|
model: authentik_stages_prompt.promptstage
|
||
|
|
attrs:
|
||
|
|
fields:
|
||
|
|
- !KeyOf prompt-field-password
|
||
|
|
- !KeyOf prompt-field-password-repeat
|
||
|
|
validation_policies: []
|
||
|
|
- identifiers:
|
||
|
|
target: !KeyOf flow
|
||
|
|
stage: !KeyOf default-recovery-identification
|
||
|
|
order: 10
|
||
|
|
model: authentik_flows.flowstagebinding
|
||
|
|
id: flow-binding-identification
|
||
|
|
attrs:
|
||
|
|
evaluate_on_plan: true
|
||
|
|
re_evaluate_policies: true
|
||
|
|
policy_engine_mode: any
|
||
|
|
invalid_response_action: retry
|
||
|
|
- identifiers:
|
||
|
|
target: !KeyOf flow
|
||
|
|
stage: !KeyOf default-recovery-email
|
||
|
|
order: 20
|
||
|
|
model: authentik_flows.flowstagebinding
|
||
|
|
id: flow-binding-email
|
||
|
|
attrs:
|
||
|
|
evaluate_on_plan: true
|
||
|
|
re_evaluate_policies: true
|
||
|
|
policy_engine_mode: any
|
||
|
|
invalid_response_action: retry
|
||
|
|
- identifiers:
|
||
|
|
pk: 1219d06e-2c06-4c5b-a162-78e3959c6cf0
|
||
|
|
target: !KeyOf flow
|
||
|
|
stage: !KeyOf stages-prompt-password
|
||
|
|
order: 30
|
||
|
|
model: authentik_flows.flowstagebinding
|
||
|
|
attrs:
|
||
|
|
evaluate_on_plan: true
|
||
|
|
re_evaluate_policies: false
|
||
|
|
policy_engine_mode: any
|
||
|
|
invalid_response_action: retry
|
||
|
|
- identifiers:
|
||
|
|
target: !KeyOf flow
|
||
|
|
stage: !KeyOf default-recovery-user-write
|
||
|
|
order: 40
|
||
|
|
model: authentik_flows.flowstagebinding
|
||
|
|
attrs:
|
||
|
|
evaluate_on_plan: true
|
||
|
|
re_evaluate_policies: false
|
||
|
|
policy_engine_mode: any
|
||
|
|
invalid_response_action: retry
|
||
|
|
- identifiers:
|
||
|
|
target: !KeyOf flow
|
||
|
|
stage: !KeyOf default-recovery-user-login
|
||
|
|
order: 100
|
||
|
|
model: authentik_flows.flowstagebinding
|
||
|
|
attrs:
|
||
|
|
evaluate_on_plan: true
|
||
|
|
re_evaluate_policies: false
|
||
|
|
policy_engine_mode: any
|
||
|
|
invalid_response_action: retry
|
||
|
|
- identifiers:
|
||
|
|
policy: !KeyOf default-recovery-skip-if-restored
|
||
|
|
target: !KeyOf flow-binding-identification
|
||
|
|
order: 0
|
||
|
|
model: authentik_policies.policybinding
|
||
|
|
attrs:
|
||
|
|
negate: false
|
||
|
|
enabled: true
|
||
|
|
timeout: 30
|
||
|
|
- identifiers:
|
||
|
|
policy: !KeyOf default-recovery-skip-if-restored
|
||
|
|
target: !KeyOf flow-binding-email
|
||
|
|
order: 0
|
||
|
|
model: authentik_policies.policybinding
|
||
|
|
attrs:
|
||
|
|
negate: false
|
||
|
|
enabled: true
|
||
|
|
timeout: 30
|