Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 23 Next »

Introduction

URAC micro-service V3 configuration variables that are needed and can be customized 

1. Password generation configuration

Location

In provision - key configuration

You can change the values of the below variables to customize iterations, seeding, and the algorithm used to hash passwords.

NameTypeDescription

Example

hashIterationsintegerHashing iteration value used by SOAJS hasher to encrypt/compare passwords16
seedLengthintegerSeed length value used by SOAJS hasher to encrypt/compare passwords32

optionalAlgorithm

string

Password Hashing algorithm name

"aes-128-cbc-hmac-sha256" or "des". You can go to List of Crypto Algorithms to find the name of the algorithm that you can use.

2. Join

Location

In provision - key configuration

You can change the values of the below variables to customize if you want the user to validate their email once they join or not.

NameTypeDescriptionExample
validateJoinbooleanThis configuration controllers the status of a user after joining. aka ('pendingJoin' : 'active')
 
true

3. Mail Configuration

Location

In provision - key configuration

In custom registry

Mail configuration can be found under two configuration objects:

  1. SMTP Configuration: Under common fields in order to be used in other microservices not only in URAC. This includes the transport configuration for the mail provider.
  2. Email Content Configuration: Under URAC configuration in order to customize mail options to handle URAC requirements. This includes links and content of emails sent in each stage.

More information about Variables used, custom data fields used in "content", and examples of the configuration can be found under Mail Notification Configuration

Examples: In provision

In provision
"commonFields" : {
  "mail": { // to control the smtp configuration
      "from": 'me@localhost.com',
      "transport": {...}
  }
},
"urac" : {
  "links": {...}, // this object to control the links in the emails
  "mail": { // this object to control the content of the emails
    "join": {...}, // Join - mail content configuration
    "forgotPassword": {...}, // Forgot password mail - content configuration
    "addUser": {...}, // Add User - mail content configuration
    "changeUserStatus": {...}, // Change User Status - mail content configuration
    "changeEmail": {...} // Change Email - mail content configuration
  }	
}

Examples: In custom registry

You should create to entries under custom registry (one for mail and one for urac) as follow:

with the following configuration content:

mail
{ // to control the smtp configuration
      "from": 'me@localhost.com',
      "transport": {...}
}
URAC
{
  "links": {...}, // this object to control the links in the emails
  "mail": { // this object to control the content of the emails
    "join": {...}, // Join - mail content configuration
    "forgotPassword": {...}, // Forgot password mail - content configuration
    "addUser": {...}, // Add User - mail content configuration
    "changeUserStatus": {...}, // Change User Status - mail content configuration
    "changeEmail": {...} // Change Email - mail content configuration
  }	
}

4. Mail token configuration

Location

In provision - key configuration

The URAC sends verification mail with links containing token with expiration date.

NameTypeDescriptionExample

tokenExpiryTTL

millisecondsThis configuration controllers the expiration period for the email links token.
 

172800000

5. Pin login configuration

Location

In provision

Pin code adds a second layer of authentication to URAC. For example, having restaurants with multiple branches and multiple positions. User should put a password and should use a pin code to gain access. For full information go to Pin login Configuration.

6. Data configuration

Resources and database configuration and creation steps can be found under Data Configuration.

6. 3rd party login configuration

Location

In provision


URAC allows third party login via one of the below methods:

  1. Passport Login: Define application keys for passport integration. Currently supporting Azure, Github, Twitter, Facebook, and Google. Got to the link for more information and an example of the configuration.
  2. OpenAM login: SSO (Single Sign-On).
  3. LDAP (Lightweight Directory Access Protocol) login: Active directory login.



Configuration priority and the default values

This table illustrates the configuration that can be overridden at a different layer of configuration 

Priority

Local → Registry → Tenant 

  1. Local Configuration
  2. Custom Registry
  3. Service Configuration (Tenant)



Name


Local Configuration (Default)

config.js

Registry Configuration (Per Environment)

req.soajs.registry


Tenant Configuration (Per Tenant Per Environment)

SettingsCustom
pinConfiguration1234
model¹"mongo"

hashIterations

24

seedLength12

model¹: We currently only support mongo models.

  • No labels