da5d436432
OIDC configuration now comes from environment variables instead of the database settings table. This is more natural for Docker/compose deployments where secrets live in .env files. Env vars: OIDC_ENABLED, OIDC_DISCOVERY_URL, OIDC_CLIENT_ID, OIDC_CLIENT_SECRET, OIDC_REDIRECT_URI, OIDC_BUTTON_LABEL. Also adds detailed [oidc] console logging throughout the authorize, callback, and link flows to aid debugging connection issues. Removes the OIDC settings UI section from the admin modal and the GET/PUT /api/settings/oidc endpoints.
16 lines
573 B
Bash
# Copy to .env and fill in values before starting in production.
# Generate SESSION_SECRET with: openssl rand -hex 32

SESSION_SECRET=replace-with-a-random-64-character-hex-string
SESSION_MAX_AGE_HOURS=168 # default: 168 (7 days)
PORT=3000
DB_PATH=/app/data/check-printing.db

# OIDC / SSO (optional — omit or leave blank to disable)
OIDC_ENABLED=false
OIDC_DISCOVERY_URL=https://auth.example.com/.well-known/openid-configuration
OIDC_CLIENT_ID=
OIDC_CLIENT_SECRET=
OIDC_REDIRECT_URI=https://checks.example.com/api/auth/oidc/callback
OIDC_BUTTON_LABEL=Sign in with SSO
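
With OIDC settings read from the environment, a startup check can fail closed on a half-filled .env and keep the client secret out of the [oidc] console logs. The sketch below is an added example, not code from this commit or project. The function names, the choice of JavaScript, and the https-only rule (taken from the example values above) are assumptions.

```javascript
// Added example: validate the .env values at startup and fail closed.
// All function names and checks here are assumptions, not the project's code.
const PLACEHOLDER = 'replace-with-a-random-64-character-hex-string';

function checkSessionSecret(env) {
  const s = env.SESSION_SECRET || '';
  if (s === PLACEHOLDER) throw new Error('SESSION_SECRET is still the .env.example placeholder');
  // `openssl rand -hex 32` yields exactly 64 hex characters.
  if (!/^[0-9a-f]{64}$/i.test(s)) throw new Error('SESSION_SECRET must be 64 hex characters');
  return s;
}

function requireHttpsUrl(name, value) {
  let url;
  try { url = new URL(value); } catch { throw new Error(`${name} is not a valid URL`); }
  if (url.protocol !== 'https:') throw new Error(`${name} must use https`);
  return url;
}

function loadOidcConfig(env) {
  // Anything other than the literal "true" leaves SSO disabled.
  if ((env.OIDC_ENABLED || '').trim().toLowerCase() !== 'true') return { enabled: false };
  const required = ['OIDC_DISCOVERY_URL', 'OIDC_CLIENT_ID', 'OIDC_CLIENT_SECRET', 'OIDC_REDIRECT_URI'];
  const missing = required.filter((k) => !(env[k] || '').trim());
  // Report variable names only, never their values.
  if (missing.length) throw new Error(`OIDC enabled but missing: ${missing.join(', ')}`);
  const discovery = requireHttpsUrl('OIDC_DISCOVERY_URL', env.OIDC_DISCOVERY_URL);
  const redirect = requireHttpsUrl('OIDC_REDIRECT_URI', env.OIDC_REDIRECT_URI);
  return {
    enabled: true,
    discoveryUrl: discovery.href,
    clientId: env.OIDC_CLIENT_ID.trim(),
    clientSecret: env.OIDC_CLIENT_SECRET,
    redirectUri: redirect.href,
    buttonLabel: env.OIDC_BUTTON_LABEL || 'Sign in with SSO',
  };
}

// Safe to pass to console logging: the secret is reported only as set or missing.
function redactForLog(cfg) {
  if (!cfg.enabled) return { enabled: false };
  return { ...cfg, clientSecret: cfg.clientSecret ? '[set]' : '[missing]' };
}
```

Call checkSessionSecret(process.env) and loadOidcConfig(process.env) once before the server starts listening, and log only redactForLog(cfg).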