feat(security): implement CSRF protection

2025-12-21 02:47:14 -08:00
parent e75b727a5a
commit 8a78b2bb2e
25 changed files with 1157 additions and 580 deletions
@@ -6,6 +6,8 @@ services:
      - DATABASE_URL=file:/app/prisma/dev.db
      - PORT=8000
      - NODE_ENV=production
+      # Required for horizontal scaling (k8s): must be the same across all instances
+      - CSRF_SECRET=${CSRF_SECRET}
    volumes:
      - backend-data:/app/prisma
    networks: