Update schema and ory elements

Author: bandogora

docker-compose.yml

@@ -9,9 +9,9 @@ services:
         target: /var/lib/sqlite
         read_only: false
       - type: bind
-        source: ./schemas/kratos/email-password
-        target: /etc/config/kratos
-    command: -c /etc/config/kratos/kratos.yml migrate sql -e --yes
+        source: ./schemas/kratos
+        target: /opt/kratos
+    command: -c /opt/kratos/kratos.yml migrate sql -e --yes
     restart: on-failure
     networks:
       - intranet
@@ -27,15 +27,15 @@ services:
     environment:
       - DSN=sqlite:///var/lib/sqlite/db.sqlite?_fk=true
       - LOG_LEVEL=trace
-    command: serve -c /etc/config/kratos/kratos.yml --dev --watch-courier --sqa-opt-out
+    command: serve -c /opt/kratos/kratos.yml --dev --watch-courier --sqa-opt-out
     volumes:
       - type: volume
         source: kratos-sqlite
         target: /var/lib/sqlite
         read_only: false
       - type: bind
-        source: ./schemas/kratos/email-password
-        target: /etc/config/kratos
+        source: ./schemas/kratos
+        target: /opt/kratos/
     networks:
       - intranet
 

schemas/kratos/all-strategies/kratos.yml

@@ -1,7 +1,7 @@
 {
-  "$id": "https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json",
+  "$id": "https://pigiot.net/identity.user.schema.json",
   "$schema": "http://json-schema.org/draft-07/schema#",
-  "title": "Person",
+  "title": "User",
   "type": "object",
   "properties": {
     "traits": {
@@ -20,6 +20,9 @@
               "webauthn": {
                 "identifier": true
               },
+              "totp": {
+                "account_name": true
+              },
               "code": {
                 "identifier": true,
                 "via": "email"
@@ -36,6 +39,12 @@
             }
           }
         },
+        "phone": {
+          "type": "string",
+          "format": "tel",
+          "title": "Phone Number",
+          "maxLength": 20
+        },
         "name": {
           "type": "object",
           "properties": {
@@ -48,9 +57,15 @@
               "type": "string"
             }
           }
+        },
+        "subscribed": {
+          "type": "boolean",
+          "title": "Subscribe to email updates"
         }
       },
-      "required": ["email"],
+      "required": [
+        "email"
+      ],
       "additionalProperties": false
     }
   }

schemas/kratos/email-password/identity.schema.json

@@ -100,30 +100,36 @@ log:
   leak_sensitive_values: true
 
 secrets:
+  default:
+    - 32-LONG-SECRET-NOT-SECURE-AT-ALL
   cookie:
-    - PLEASE-CHANGE-ME-I-AM-VERY-INSECURE
+    - 32-LONG-SECRET-NOT-SECURE-AT-ALL
   cipher:
     - 32-LONG-SECRET-NOT-SECURE-AT-ALL
 
 ciphers:
   algorithm: xchacha20-poly1305
 
 hashers:
-  algorithm: bcrypt
-  bcrypt:
-    cost: 8
+  algorithm: argon2
+  argon2:
+    memory: 384MB
+    iterations: 3
+    parallelism: 16
+    salt_length: 16
+    key_length: 32
+    expected_duration: 500ms
+    expected_deviation: 500ms
+    dedicated_memory: 1GB
 
 identity:
-  default_schema_id: default
+  default_schema_id: user
   schemas:
-    - id: default
-      url: file:///etc/config/kratos/identity.schema.json
+    - id: user
+      url: file:///opt/kratos/identity.user.schema.json
 
 courier:
   smtp:
     connection_uri: smtps://test:test@mailslurper:1025/?skip_ssl_verify=true
 
-feature_flags:
-  use_continue_with_transitions: false
-
 sqa-opt-out: true