51 lines
No EOL
1 KiB
Markdown
51 lines
No EOL
1 KiB
Markdown
# kanidm-up-pass
|
|
|
|
A small Vue interface to reset Kanidm user and POSIX passwords to the same value from a credential reset token.
|
|
|
|
## Run
|
|
|
|
```bash
|
|
npm install
|
|
npm run dev
|
|
```
|
|
|
|
Build for production:
|
|
|
|
```bash
|
|
npm run build
|
|
```
|
|
|
|
## Usage
|
|
|
|
1. Open the app with a reset token in the URL:
|
|
`http://localhost:5173/?token=<credential-update-intent-token>`
|
|
2. Enter your new password and confirm it.
|
|
3. Submit.
|
|
|
|
The app connects directly to Kanidm:
|
|
|
|
1. `POST /v1/credential/_exchange_intent` with the token.
|
|
2. `POST /v1/credential/_update` with `password`.
|
|
3. `POST /v1/credential/_update` with `unixpassword`.
|
|
4. `POST /v1/credential/_commit`.
|
|
|
|
The UI supports English and German and lets users switch language in the page header.
|
|
|
|
## Configuration
|
|
|
|
Set your Kanidm base URL in `.env`:
|
|
|
|
```bash
|
|
cp .env.example .env
|
|
```
|
|
|
|
Example:
|
|
|
|
```bash
|
|
VITE_KANIDM_BASE_URL=https://kanidm.example.com
|
|
```
|
|
|
|
## Notes
|
|
|
|
- The token is read from the URL and then removed from the browser address bar.
|
|
- No backend is used; browser CORS access to Kanidm must be allowed for your app origin. |