# UltiSuite — réinitialisation mot de passe (identification e-mail + envoi lien) version: 1 metadata: name: UltiSuite recovery labels: blueprints.goauthentik.io/instantiate: "true" entries: - model: authentik_flows.flow id: ulti-recovery-flow identifiers: slug: ulti-recovery attrs: name: UltiSuite — Mot de passe oublié title: Réinitialiser votre mot de passe designation: recovery authentication: require_unauthenticated - model: authentik_stages_identification.identificationstage id: ulti-recovery-identification identifiers: name: ulti-recovery-identification attrs: user_fields: - email - model: authentik_stages_email.emailstage id: ulti-recovery-email identifiers: name: ulti-recovery-email attrs: use_global_settings: true token_expiry: 1800 subject: UltiSuite — Réinitialisation du mot de passe template: email/ulti_password_reset.html activate_user_on_success: true recovery_max_attempts: 5 recovery_cache_timeout: 300 - model: authentik_stages_prompt.prompt id: ulti-recovery-field-password identifiers: name: ulti-recovery-field-password attrs: field_key: password label: Nouveau mot de passe type: password required: true placeholder: Mot de passe order: 0 - model: authentik_stages_prompt.prompt id: ulti-recovery-field-password-repeat identifiers: name: ulti-recovery-field-password-repeat attrs: field_key: password_repeat label: Confirmer le mot de passe type: password required: true placeholder: Confirmer le mot de passe order: 1 - model: authentik_stages_prompt.promptstage id: ulti-recovery-prompt-password identifiers: name: ulti-recovery-prompt-password attrs: fields: - !KeyOf ulti-recovery-field-password - !KeyOf ulti-recovery-field-password-repeat - model: authentik_stages_user_write.userwritestage id: ulti-recovery-user-write identifiers: name: ulti-recovery-user-write attrs: user_creation_mode: never_create - model: authentik_stages_user_login.userloginstage id: ulti-recovery-user-login identifiers: name: ulti-recovery-user-login - model: authentik_policies_expression.expressionpolicy id: ulti-recovery-skip-if-restored identifiers: name: ulti-recovery-skip-if-restored attrs: expression: | return not request.context.get('is_restored', False) - model: authentik_flows.flowstagebinding id: ulti-recovery-binding-identification identifiers: target: !KeyOf ulti-recovery-flow stage: !KeyOf ulti-recovery-identification order: 10 attrs: evaluate_on_plan: true re_evaluate_policies: true invalid_response_action: retry - model: authentik_flows.flowstagebinding id: ulti-recovery-binding-email identifiers: target: !KeyOf ulti-recovery-flow stage: !KeyOf ulti-recovery-email order: 20 attrs: evaluate_on_plan: true re_evaluate_policies: true invalid_response_action: retry - model: authentik_flows.flowstagebinding id: ulti-recovery-binding-password identifiers: target: !KeyOf ulti-recovery-flow stage: !KeyOf ulti-recovery-prompt-password order: 30 attrs: evaluate_on_plan: true re_evaluate_policies: false invalid_response_action: retry - model: authentik_flows.flowstagebinding id: ulti-recovery-binding-user-write identifiers: target: !KeyOf ulti-recovery-flow stage: !KeyOf ulti-recovery-user-write order: 40 attrs: evaluate_on_plan: true re_evaluate_policies: false invalid_response_action: retry - model: authentik_flows.flowstagebinding id: ulti-recovery-binding-user-login identifiers: target: !KeyOf ulti-recovery-flow stage: !KeyOf ulti-recovery-user-login order: 100 attrs: evaluate_on_plan: true re_evaluate_policies: false invalid_response_action: retry - model: authentik_policies.policybinding identifiers: policy: !KeyOf ulti-recovery-skip-if-restored target: !KeyOf ulti-recovery-binding-identification order: 0 attrs: enabled: true timeout: 30 - model: authentik_policies.policybinding identifiers: policy: !KeyOf ulti-recovery-skip-if-restored target: !KeyOf ulti-recovery-binding-email order: 0 state: absent attrs: enabled: true timeout: 30 - model: authentik_brands.brand identifiers: domain: authentik-default attrs: flow_recovery: !Find [authentik_flows.flow, [slug, ulti-recovery]]