fix impersonation issues
This commit is contained in:
Zimeng Xiong
@@ -5,6 +5,7 @@ DATABASE_URL=file:/app/prisma/dev.db
|
||||
FRONTEND_URL=http://localhost:6767
|
||||
# Keep disabled unless traffic always comes through a trusted reverse proxy.
|
||||
TRUST_PROXY=false
|
||||
AUTH_MODE=local
|
||||
JWT_SECRET=change-this-secret-in-production-min-32-chars
|
||||
|
||||
# Optional Feature Flags (all default to false for backward compatibility)
|
||||
@@ -12,3 +13,16 @@ JWT_SECRET=change-this-secret-in-production-min-32-chars
|
||||
# ENABLE_PASSWORD_RESET=false
|
||||
# ENABLE_REFRESH_TOKEN_ROTATION=false
|
||||
# ENABLE_AUDIT_LOGGING=false
|
||||
|
||||
# OIDC Configuration (required when AUTH_MODE=hybrid or AUTH_MODE=oidc_enforced)
|
||||
# OIDC_PROVIDER_NAME=Authentik
|
||||
# OIDC_ISSUER_URL=https://auth.example.com/application/o/excalidash/
|
||||
# OIDC_CLIENT_ID=your-client-id
|
||||
# OIDC_CLIENT_SECRET=your-client-secret
|
||||
# OIDC_REDIRECT_URI=https://excalidash.example.com/api/auth/oidc/callback
|
||||
# OIDC_SCOPES=openid profile email
|
||||
# OIDC_EMAIL_CLAIM=email
|
||||
# OIDC_EMAIL_VERIFIED_CLAIM=email_verified
|
||||
# OIDC_REQUIRE_EMAIL_VERIFIED=true
|
||||
# OIDC_JIT_PROVISIONING=true
|
||||
# OIDC_FIRST_USER_ADMIN=true
|
||||
|
||||
Reference in New Issue
Block a user