- OIDC: authorization code flow, JWKS validation, JIT provisioning, group-to-role mapping, dual auth (local/oidc/both) - Force password change: random admin password on first install, modal blocks UI until changed - APP_SECRET required in docker-compose (fail if missing), .env.example improved - Login page: Oracle IAM button (conditional), hide form in oidc-only mode - OracleIamPage: test connection via backend, masked client_secret handling - UsersPage: OIDC badge, auth_provider in list - i18n: login.oidcButton, login.or (pt/en/es) - README v3.1: Terminal, User Management, Security, OIDC endpoints, versioning
20 lines
537 B
Plaintext
20 lines
537 B
Plaintext
# REQUIRED — Generate with: openssl rand -hex 64
|
|
# This key encrypts JWT tokens, Fernet credentials, and session data.
|
|
# It MUST be the same across container restarts and all workers.
|
|
APP_SECRET=
|
|
|
|
# JWT token expiry in hours (default: 12)
|
|
JWT_EXPIRY_HOURS=12
|
|
|
|
# Frontend port (default: 8080)
|
|
PORT=8080
|
|
|
|
# CORS allowed origins (comma-separated, e.g., https://your-domain.com)
|
|
CORS_ORIGINS=http://localhost:8080
|
|
|
|
# Timezone
|
|
TZ=America/Sao_Paulo
|
|
|
|
# Suppress OCI CLI file permission warnings
|
|
OCI_CLI_SUPPRESS_FILE_PERMISSIONS_WARNING=True
|