search

ory / kratos

Next-gen identity server replacing your Auth0, Okta, Firebase with hardened security and PassKeys, SMS, OIDC, Social Sign In, MFA, FIDO, TOTP and OTP, WebAuthn, passwordless and much more. Golang, headless, API-first. Available as a worry-free SaaS with the fairest pricing on the market!
https://www.ory.sh/kratos/?utm_source=github&utm_medium=banner&utm_campaign=kratos
Apache License 2.0
10.81k stars 935 forks source link

"Code" method replacing existing methods #3942

Open brenobaptista opened 4 weeks ago

brenobaptista commented 4 weeks ago

Preflight checklist

Ory Network Project

No response

Describe the bug

if you create an account with passwordless, the config is completely messed up (first screenshot) but if you first create an account with password then the passwordless config, it works fine (just brackets {})

image image

Reproducing the bug

We updated Kratos to v1.1.0 then ran kratos migrate sql -e --yes url...

For some reason sign in with code (passwordless, magic codes) is working fine for new users but for existing users instead of creating config correctly (just {}) it creates something like {"address_type":"","used_at":{"Time":"0001-01-01T00:00:00Z","Valid":false}} but most importantly it replaces the current method (password/SSO) with just passwordless

image

here the SSO getting replaced by code (check the created_at, 8 min later)

image image

Relevant log output

No response

Relevant configuration

No response

Version

1.1.0

On which operating system are you observing this issue?

None

In which environment are you deploying?

Kubernetes

Additional Context

I first contacted on Slack about this 3 months ago, no response.

aeneasr commented 4 weeks ago

Looks like a configuration error - probably an incorrect or malformed identity schema