docs: add example env
Guillermo Pages
3 months ago
parent
fdfff1d29a
commit
a032f9b6bf
@ -0,0 +1,73 @@
|
|||||||
|
# SwissOID Configuration
|
||||||
|
# The SwissOID issuer URL (OpenID Provider)
|
||||||
|
SWISSOID_ISSUER=https://api.swissoid.com
|
||||||
|
|
||||||
|
# Your client ID registered with SwissOID
|
||||||
|
SWISSOID_CLIENT_ID=your-client-id
|
||||||
|
|
||||||
|
# Your client secret (for confidential clients)
|
||||||
|
SWISSOID_CLIENT_SECRET=your-client-secret-here
|
||||||
|
|
||||||
|
# SwissOID token endpoint for exchanging authorization codes
|
||||||
|
SWISSOID_TOKEN_ENDPOINT=https://api.swissoid.com/token
|
||||||
|
|
||||||
|
# SwissOID JWKS URI for JWT verification
|
||||||
|
SWISSOID_JWKS_URI=https://api.swissoid.com/.well-known/jwks.json
|
||||||
|
|
||||||
|
# SwissOID authorize endpoint (optional, defaults to SWISSOID_ISSUER/authorize)
|
||||||
|
SWISSOID_AUTHORIZE_ENDPOINT=https://api.swissoid.com/authorize
|
||||||
|
|
||||||
|
# Redis Configuration
|
||||||
|
# Redis connection URL (if provided, overrides host/port settings)
|
||||||
|
REDIS_URL=redis://localhost:6379
|
||||||
|
|
||||||
|
# Redis host (defaults to localhost if REDIS_URL not provided)
|
||||||
|
REDIS_HOST=localhost
|
||||||
|
|
||||||
|
# Redis port (defaults to 6379 if REDIS_URL not provided)
|
||||||
|
REDIS_PORT=6379
|
||||||
|
|
||||||
|
# Redis password (optional)
|
||||||
|
REDIS_PASSWORD=
|
||||||
|
|
||||||
|
# Redis database index (defaults to 0)
|
||||||
|
REDIS_DB=0
|
||||||
|
|
||||||
|
# RP (Relying Party) Configuration
|
||||||
|
# Frontend URL where users should be redirected after authentication
|
||||||
|
RP_FRONTEND_URL=http://localhost:3000
|
||||||
|
|
||||||
|
# Base URL for OIDC redirect (used to construct callback URL)
|
||||||
|
# The callback URL will be: OIDC_REDIRECT_BASE_URL/oidc/callback
|
||||||
|
OIDC_REDIRECT_BASE_URL=http://localhost:3668
|
||||||
|
|
||||||
|
# Alternative: Explicitly set the callback URL
|
||||||
|
# RP_CALLBACK_URL=http://localhost:3668/oidc/callback
|
||||||
|
|
||||||
|
# Cookie domain for session cookies (use leading dot for subdomains)
|
||||||
|
# Examples:
|
||||||
|
# localhost (for local development)
|
||||||
|
# .example.com (for all subdomains of example.com)
|
||||||
|
COOKIE_DOMAIN=localhost
|
||||||
|
|
||||||
|
# Alternative cookie domain variable name (either COOKIE_DOMAIN or RP_COOKIE_DOMAIN works)
|
||||||
|
# RP_COOKIE_DOMAIN=localhost
|
||||||
|
|
||||||
|
# Session Configuration
|
||||||
|
# Name of the session cookie
|
||||||
|
SESSION_COOKIE_NAME=connect.sid
|
||||||
|
|
||||||
|
# Secret key for signing sessions (use a strong random string in production)
|
||||||
|
SESSION_SECRET=your-session-secret-here-use-strong-random-string
|
||||||
|
|
||||||
|
# Secret for signing state parameters (optional, defaults to SESSION_SECRET + '-state-signing')
|
||||||
|
# STATE_SIGNING_SECRET=your-state-signing-secret
|
||||||
|
|
||||||
|
# Session TTL in seconds (optional, defaults to 7200 = 2 hours)
|
||||||
|
# SESSION_TTL=7200
|
||||||
|
|
||||||
|
# Refresh token TTL in seconds (optional, defaults to 604800 = 7 days)
|
||||||
|
# REFRESH_TTL=604800
|
||||||
|
|
||||||
|
# Refresh cookie name (optional, defaults to 'rid')
|
||||||
|
# REFRESH_COOKIE_NAME=rid
|
||||||
Loading…
Reference in New Issue