dannycoates/gist:8448052

Created January 16, 2014 01:15

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/dannycoates/8448052.js"></script>
Save dannycoates/8448052 to your computer and use it in GitHub Desktop.

Download ZIP

Raw

gistfile1.md

Auth Server config changes

additions

{
  "smtp": {
    "passwordResetUrl": "https://api-accounts.firefox.com/v1/complete_reset_password",
    "redirectDomain": "firefox.com"
  },
  "tokenLifetimes": {
    "accountResetToken": 900000,
    "passwordForgotToken": 900000,
    "passwordChangeToken": 900000
  }
}

passwordResetUrl defaults to publicUrl + '/v1/complete_reset_password' which is the url sent in the password reset email.
redirectDomain is used as validation against any submitted redirectTo parameters.
tokenLifetimes is the TTL for tokens in milliseconds (15min default)

deletions

{
  "scryptHelper": undefined
}

scryptHelper is no longer used

gene1wood commented Jan 16, 2014

@dannycoates when you know what I should use for redirectDomain in staging (accounts.stage.mozaws.net) let me know. You'd mentioned a patch might be required. If so, can you point me to the commit or the issue tracking it?

gene1wood commented Jan 16, 2014

Also, correct me if I'm wrong but I think I can leave out tokenLifetimes and passwordResetUrl since the defaults look correct.