Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Migration path for existing user/account tables #500

Closed
Jasrags opened this issue Jun 9, 2020 · 4 comments
Closed

Migration path for existing user/account tables #500

Jasrags opened this issue Jun 9, 2020 · 4 comments
Milestone
v0.5.0-alpha.1

Comments

@Jasrags
Copy link

Jasrags commented Jun 9, 2020
edited
Loading

Hello, I was speaking with Vincent on slack and he suggested that I post an enhancement issue.

I'm looking for a way to use kratos as our identity management system, we currently run a legacy PHP system with a users table with millions of existing users. I would love to have a migration path from legacy into kratos with hopefully the least amount of user friction (Forced log-out/password changes). We are totally fine moving auth specific info into a new table, but anything that can be done to ease this change would be perfect.

Describe alternatives you've considered

At this point it's just kratos or we roll our own.
@aeneasr
Copy link
Member

aeneasr commented Jun 10, 2020
edited
Loading

So there is currently no option to do this, it's basically blocked by #200 (see also #435 and #325). It will however (in the future) be possible to import users even if you currently use something like BCrypt or some other password hashing algorithm.

It won't be possible to do a switch without a logout however, because Kratos can't work with your current session system. You could however solve that on a proxy/application level and use two session stores (Kratos and your current system) for the migration period, validating the session against both systems.

However, this feature will take a bit more time as we're currently solving other issues. But you can take me by my word that this will be possible and that I will also personally work on this feature most likely in Q3 2020.

@Jasrags
Copy link
Author

Jasrags commented Jun 10, 2020

Awesome, thanks for getting back to me. Q3/Q4 is perfect as this is something we need to do, but is not urgent or time sensitive.

@aeneasr aeneasr added this to the v0.5.0-alpha.1 milestone Jun 30, 2020
aeneasr added a commit that referenced this issue Jul 17, 2020
@aeneasr
fix: resolve identity admin api issues
df0a29d 
This patch resolves several issues that occurred when creating or updating identities using the Admin API. Now, all hooks are running properly and updating privileged properties no longer causes errors.

Closes #435
See #500
@aeneasr aeneasr mentioned this issue Jul 17, 2020
Merged
aeneasr added a commit that referenced this issue Jul 17, 2020
@aeneasr
fix: resolve identity admin api issues (#586)
feef8a7 
This patch resolves several issues that occurred when creating or updating identities using the Admin API. Now, all hooks are running properly and updating privileged properties no longer causes errors.

Closes #435
See #500
@aeneasr
Copy link
Member

aeneasr commented Jul 27, 2020

I'm closing this as a dupe of #605 which contains much more detail.�

@Jasrags what hashing algorithm do you currently use?

@aeneasr aeneasr closed this as completed Jul 27, 2020
@Jasrags
Copy link
Author

Jasrags commented Jul 27, 2020

@aeneasr bcrypt, and thank you

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v0.5.0-alpha.1
Development

No branches or pull requests
2 participants
@Jasrags @aeneasr