7cb522b590
Refactor code into sub files/folders. Admin can remove users'/members' MFA/2FA and unlink an account from an OAuth provider. Admin can add/reset passwords. Different email (OIDC + manual), same account (block linking and authorize if available).
# Flask Configuration
FLASK_APP=wsgi.py
# Development mode: keep this value out of any production .env.
# NOTE(review): Flask 2.2 deprecated FLASK_ENV and 2.3 removed it in favour of
# FLASK_DEBUG; confirm which Flask version this project pins.
FLASK_ENV=development
# Placeholder only. Replace with a long random value per environment, e.g.
#   python -c "import secrets; print(secrets.token_hex(32))"
# Flask signs session data with this key, so a guessable or shared value
# undermines session integrity. NOTE(review): consider refusing to start when
# the placeholder text is still present.
SECRET_KEY=your-secret-key-here-change-in-production
# Database
# Placeholder credentials for a local development database. Use a dedicated,
# least-privilege database role per environment and keep the real URL in an
# untracked .env or a secret store, never in version control.
DATABASE_URL=postgresql://user:password@localhost:5432/authy2_dev
SQLALCHEMY_ECHO=False
SQLALCHEMY_LOG_LEVEL=WARNING
# Security
# bcrypt cost factor: hashing work doubles with each increment (2^rounds).
# Do not lower this for production; raise it as hardware allows.
BCRYPT_LOG_ROUNDS=12
# Placeholder only. Generate from a CSPRNG and keep it distinct from SECRET_KEY
# and JWT_SECRET_KEY.
# NOTE(review): what this key encrypts and the format it must have are not
# visible in this file; document both, and note that rotating it presumably
# requires re-encrypting stored data.
ENCRYPTION_KEY=your-encryption-key-here-change-in-production
# False allows the session cookie to be sent over plain HTTP, which is only
# acceptable for local development. Set to True wherever the app is served
# over HTTPS. (Presumably mapped to Flask's setting of the same name; confirm.)
SESSION_COOKIE_SECURE=False
SESSION_COOKIE_HTTPONLY=True
SESSION_COOKIE_SAMESITE=Lax
# Presumably seconds (86400 = 24 hours); confirm the unit against the code
# that reads it.
MAX_SESSION_DURATION=86400
# CORS
#CORS_ORIGINS=http://localhost:3000,http://localhost:5173,https://oidc-playpen.lovable.app/,http://localhost:8080/
# Wildcard: every origin may make cross-origin requests to this service.
# Suitable for local testing only. For any shared or production deployment,
# list exact origins (scheme://host[:port], without a trailing slash or path).
# NOTE(review): confirm the app never pairs "*" with credentialed CORS
# (cookies / Authorization headers).
CORS_ORIGINS=*
# JWT (if using JWT instead of sessions)
# Placeholder only; must be changed before production like the other keys in
# this file. Use a separate random value from SECRET_KEY so that exposure of
# one key does not compromise both sessions and tokens.
JWT_SECRET_KEY=your-jwt-secret-key-here
JWT_ACCESS_TOKEN_EXPIRES=3600
# 2592000 is 30 days if the unit is seconds (confirm).
# NOTE(review): with refresh tokens this long-lived, verify they are revoked
# server-side when a password or MFA enrolment is reset.
JWT_REFRESH_TOKEN_EXPIRES=2592000
# Redis (for session storage)
# Unauthenticated, unencrypted connection: acceptable only for a Redis bound
# to localhost. For a remote instance use a password and TLS (rediss://),
# since this store holds session data.
REDIS_URL=redis://localhost:6379/0
# OIDC
# Local development value. OpenID Connect requires the issuer to be an https
# URL, and it must match the `iss` claim and discovery document exactly, so
# set the public https URL of the deployment outside development.
OIDC_ISSUER_URL=http://localhost:5000
# Logging
LOG_LEVEL=INFO
LOG_TO_STDOUT=True
# Rate Limiting
# Keep enabled outside of tests: rate limiting is a primary control against
# password and MFA code guessing on an authentication service.
RATELIMIT_ENABLED=True
# Shared counter store for rate limits (Redis database 1, separate from the
# session database 0 above).
# NOTE(review): if this is passed straight to Flask-Limiter, newer releases
# expect RATELIMIT_STORAGE_URI; confirm the name the app actually reads.
RATELIMIT_STORAGE_URL=redis://localhost:6379/1
# SSH CA
# Path to CA private key file (alternative to SSH_CA_PRIVATE_KEY env var)
# Placeholder path. The CA private key can sign SSH certificates, so keep the
# file outside the repository and web root, owned by the service account and
# readable only by it (e.g. mode 0600).
SSH_CA_KEY_PATH=/path/to/ca-users
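# Or set the key content directly (takes priority over SSH_CA_KEY_PATH).
# Prefer the file path where possible: key material held in an environment
# variable is readable by anything that can inspect the process environment.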
# SSH_CA_PRIVATE_KEY=
# Email (SMTP)
# Left empty in this example; the accepted values and the default when unset
# are not visible in this file.
EMAIL_ENABLED=
SMTP_HOST=
SMTP_PORT=
SMTP_USERNAME=
# Credential: supply through an untracked .env or a secret store, and use an
# account that is limited to sending mail.
SMTP_PASSWORD=
FROM_ADDRESS=
# WebAuthn binds credentials to the origin the browser reports, so this should
# be the exact scheme://host[:port] users reach the app on (https outside of
# localhost). NOTE(review): confirm how the app validates it when left empty.
WEBAUTHN_ORIGIN=