docs: add example env
Guillermo Pages
3 months ago
parent
fdfff1d29a
commit
a032f9b6bf
@ -0,0 +1,73 @@
|
||||
# SwissOID Configuration
|
||||
# The SwissOID issuer URL (OpenID Provider)
|
||||
SWISSOID_ISSUER=https://api.swissoid.com
|
||||
|
||||
# Your client ID registered with SwissOID
|
||||
SWISSOID_CLIENT_ID=your-client-id
|
||||
|
||||
# Your client secret (for confidential clients)
|
||||
SWISSOID_CLIENT_SECRET=your-client-secret-here
|
||||
|
||||
# SwissOID token endpoint for exchanging authorization codes
|
||||
SWISSOID_TOKEN_ENDPOINT=https://api.swissoid.com/token
|
||||
|
||||
# SwissOID JWKS URI for JWT verification
|
||||
SWISSOID_JWKS_URI=https://api.swissoid.com/.well-known/jwks.json
|
||||
|
||||
# SwissOID authorize endpoint (optional, defaults to SWISSOID_ISSUER/authorize)
|
||||
SWISSOID_AUTHORIZE_ENDPOINT=https://api.swissoid.com/authorize
|
||||
|
||||
# Redis Configuration
|
||||
# Redis connection URL (if provided, overrides host/port settings)
|
||||
REDIS_URL=redis://localhost:6379
|
||||
|
||||
# Redis host (defaults to localhost if REDIS_URL not provided)
|
||||
REDIS_HOST=localhost
|
||||
|
||||
# Redis port (defaults to 6379 if REDIS_URL not provided)
|
||||
REDIS_PORT=6379
|
||||
|
||||
# Redis password (optional)
|
||||
REDIS_PASSWORD=
|
||||
|
||||
# Redis database index (defaults to 0)
|
||||
REDIS_DB=0
|
||||
|
||||
# RP (Relying Party) Configuration
|
||||
# Frontend URL where users should be redirected after authentication
|
||||
RP_FRONTEND_URL=http://localhost:3000
|
||||
|
||||
# Base URL for OIDC redirect (used to construct callback URL)
|
||||
# The callback URL will be: OIDC_REDIRECT_BASE_URL/oidc/callback
|
||||
OIDC_REDIRECT_BASE_URL=http://localhost:3668
|
||||
|
||||
# Alternative: Explicitly set the callback URL
|
||||
# RP_CALLBACK_URL=http://localhost:3668/oidc/callback
|
||||
|
||||
# Cookie domain for session cookies (use leading dot for subdomains)
|
||||
# Examples:
|
||||
# localhost (for local development)
|
||||
# .example.com (for all subdomains of example.com)
|
||||
COOKIE_DOMAIN=localhost
|
||||
|
||||
# Alternative cookie domain variable name (either COOKIE_DOMAIN or RP_COOKIE_DOMAIN works)
|
||||
# RP_COOKIE_DOMAIN=localhost
|
||||
|
||||
# Session Configuration
|
||||
# Name of the session cookie
|
||||
SESSION_COOKIE_NAME=connect.sid
|
||||
|
||||
# Secret key for signing sessions (use a strong random string in production)
|
||||
SESSION_SECRET=your-session-secret-here-use-strong-random-string
|
||||
|
||||
# Secret for signing state parameters (optional, defaults to SESSION_SECRET + '-state-signing')
|
||||
# STATE_SIGNING_SECRET=your-state-signing-secret
|
||||
|
||||
# Session TTL in seconds (optional, defaults to 7200 = 2 hours)
|
||||
# SESSION_TTL=7200
|
||||
|
||||
# Refresh token TTL in seconds (optional, defaults to 604800 = 7 days)
|
||||
# REFRESH_TTL=604800
|
||||
|
||||
# Refresh cookie name (optional, defaults to 'rid')
|
||||
# REFRESH_COOKIE_NAME=rid
|
||||
Loading…
Reference in New Issue