mirror of
https://gitlab.com/mbugroup/lti-api.git
synced 2026-05-20 21:41:55 +00:00
GitLab Deploy Bot
59 lines
2.0 KiB
Bash
59 lines
2.0 KiB
Bash
# .env.lti-api (Development Server with Domain)
|
|
# =============================================
|
|
|
|
# Server configuration
|
|
VERSION=0.0.1
|
|
APP_ENV=dev
|
|
APP_HOST=0.0.0.0
|
|
APP_PORT=8081
|
|
APP_URL=https://dev-api-lti.mbugroup.id
|
|
|
|
# Database configuration (pakai PostgreSQL milik SSO)
|
|
DB_HOST=sso-postgres
|
|
DB_USER=postgres
|
|
DB_PASSWORD=postgres
|
|
DB_NAME=db_lti_erp
|
|
DB_PORT=5432
|
|
|
|
# JWT configuration
|
|
JWT_SECRET=changeme
|
|
JWT_ACCESS_EXP_MINUTES=30
|
|
JWT_REFRESH_EXP_DAYS=30
|
|
JWT_RESET_PASSWORD_EXP_MINUTES=10
|
|
JWT_VERIFY_EMAIL_EXP_MINUTES=10
|
|
|
|
# Redis (pakai Redis milik SSO)
|
|
REDIS_URL=redis://sso-redis:6379/0
|
|
|
|
# CORS configuration
|
|
CORS_ALLOW_ORIGINS=https://dev-api-sso.mbugroup.id,https://dev-lti.mbugroup.id,https://dev-api-lti.mbugroup.id,http://localhost:3000
|
|
CORS_ALLOW_METHODS=GET,POST,PUT,PATCH,DELETE,OPTIONS
|
|
CORS_ALLOW_HEADERS=Authorization,Content-Type,X-Requested-With
|
|
CORS_EXPOSE_HEADERS=Link,Location
|
|
CORS_ALLOW_CREDENTIALS=true
|
|
CORS_MAX_AGE=600
|
|
|
|
# SSO Integration (Gunakan domain backend SSO)
|
|
SSO_ISSUER=https://dev-api-sso.mbugroup.id
|
|
SSO_JWKS_URL=https://dev-api-sso.mbugroup.id/api/.well-known/jwks.json
|
|
SSO_ALLOWED_AUDIENCES=
|
|
SSO_AUTHORIZE_URL=https://dev-api-sso.mbugroup.id/api/sso/authorize
|
|
SSO_TOKEN_URL=https://dev-api-sso.mbugroup.id/api/sso/token
|
|
SSO_GETME_URL=https://dev-api-sso.mbugroup.id/api/auth/get-me
|
|
|
|
# Cookie & session configuration
|
|
SSO_ACCESS_COOKIE_NAME=sso_access
|
|
SSO_REFRESH_COOKIE_NAME=sso_refresh
|
|
SSO_COOKIE_DOMAIN=.mbugroup.id
|
|
SSO_COOKIE_SECURE=true
|
|
SSO_COOKIE_SAMESITE=Lax
|
|
SSO_PKCE_TTL_SECONDS=300
|
|
|
|
# SSO webhook / user sync settings
|
|
SSO_USER_SYNC_SIGNATURE_DRIFT_SECONDS=120
|
|
SSO_USER_SYNC_NONCE_TTL_SECONDS=600
|
|
SSO_USER_SYNC_MAX_BODY_BYTES=32768
|
|
|
|
# Client registration for SSO
|
|
SSO_CLIENTS={"Lumbung-Telur-Indonesia":{"public_id":"Lumbung-Telur-Indonesia","redirect_uri":"https://dev-api-lti.mbugroup.id/api/sso/callback","scope":"openid profile","default_return_uri":"https://dev-lti.mbugroup.id","allowed_return_origins":["https://dev-lti.mbugroup.id","http://localhost:3000"],"sync_secret":"onUyfODIMHOh4TgGLgyWLmsNeVNxFRHqoLJFLPjr"}}
|