mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
b3ce7fc379
* add a nolint for gosec 'possibly hardcoded password' that was incorrect * make all parameters consistent * update the docs for the correct key name 'password' instead of 'password_options' or 'password_hashing' * reword some of the docs * apply suggestions from code review Co-Authored-By: Amir Zarrinkafsh <nightah@me.com>
67 lines
2.6 KiB
Go
67 lines
2.6 KiB
Go
package schema
|
|
|
|
// LDAPAuthenticationBackendConfiguration represents the configuration related to LDAP server
|
|
type LDAPAuthenticationBackendConfiguration struct {
|
|
URL string `mapstructure:"url"`
|
|
SkipVerify bool `mapstructure:"skip_verify"`
|
|
BaseDN string `mapstructure:"base_dn"`
|
|
AdditionalUsersDN string `mapstructure:"additional_users_dn"`
|
|
UsersFilter string `mapstructure:"users_filter"`
|
|
AdditionalGroupsDN string `mapstructure:"additional_groups_dn"`
|
|
GroupsFilter string `mapstructure:"groups_filter"`
|
|
GroupNameAttribute string `mapstructure:"group_name_attribute"`
|
|
UsernameAttribute string `mapstructure:"username_attribute"`
|
|
MailAttribute string `mapstructure:"mail_attribute"`
|
|
User string `mapstructure:"user"`
|
|
Password string `mapstructure:"password"`
|
|
}
|
|
|
|
// FileAuthenticationBackendConfiguration represents the configuration related to file-based backend
|
|
type FileAuthenticationBackendConfiguration struct {
|
|
Path string `mapstructure:"path"`
|
|
Password *PasswordConfiguration `mapstructure:"password"`
|
|
}
|
|
|
|
type PasswordConfiguration struct {
|
|
Iterations int `mapstructure:"iterations"`
|
|
KeyLength int `mapstructure:"key_length"`
|
|
SaltLength int `mapstructure:"salt_length"`
|
|
Algorithm string `mapstrucutre:"algorithm"`
|
|
Memory int `mapstructure:"memory"`
|
|
Parallelism int `mapstructure:"parallelism"`
|
|
}
|
|
|
|
// DefaultPasswordConfiguration represents the default configuration related to Argon2id hashing
|
|
var DefaultPasswordConfiguration = PasswordConfiguration{
|
|
Iterations: 1,
|
|
KeyLength: 32,
|
|
SaltLength: 16,
|
|
Algorithm: "argon2id",
|
|
Memory: 1024,
|
|
Parallelism: 8,
|
|
}
|
|
|
|
// DefaultCIPasswordConfiguration represents the default configuration related to Argon2id hashing for CI
|
|
var DefaultCIPasswordConfiguration = PasswordConfiguration{
|
|
Iterations: 1,
|
|
KeyLength: 32,
|
|
SaltLength: 16,
|
|
Algorithm: "argon2id",
|
|
Memory: 128,
|
|
Parallelism: 8,
|
|
}
|
|
|
|
// DefaultPasswordSHA512Configuration represents the default configuration related to SHA512 hashing
|
|
var DefaultPasswordSHA512Configuration = PasswordConfiguration{
|
|
Iterations: 50000,
|
|
SaltLength: 16,
|
|
Algorithm: "sha512",
|
|
}
|
|
|
|
// AuthenticationBackendConfiguration represents the configuration related to the authentication backend
|
|
type AuthenticationBackendConfiguration struct {
|
|
DisableResetPassword bool `mapstructure:"disable_reset_password"`
|
|
Ldap *LDAPAuthenticationBackendConfiguration `mapstructure:"ldap"`
|
|
File *FileAuthenticationBackendConfiguration `mapstructure:"file"`
|
|
}
|