mirror of
https://gitlab.com/mbugroup/lti-api.git
synced 2026-05-20 21:41:55 +00:00
ragilap
55 lines
1.6 KiB
Bash
55 lines
1.6 KiB
Bash
# server configuration
|
|
# Env value : prod || dev
|
|
VERSION=0.0.1
|
|
APP_ENV=dev
|
|
APP_HOST=0.0.0.0
|
|
APP_PORT=8081
|
|
APP_URL=http://localhost:8081
|
|
|
|
# database configuration
|
|
DB_HOST=postgresdb
|
|
DB_USER=postgres
|
|
DB_PASSWORD=changeme
|
|
DB_NAME=db_lti_erp
|
|
DB_PORT=5432
|
|
DB_PORT_HOST=5542
|
|
|
|
# JWT
|
|
JWT_SECRET=changeme
|
|
JWT_ACCESS_EXP_MINUTES=30
|
|
JWT_REFRESH_EXP_DAYS=30
|
|
JWT_RESET_PASSWORD_EXP_MINUTES=10
|
|
JWT_VERIFY_EMAIL_EXP_MINUTES=10
|
|
|
|
# CORS
|
|
CORS_ALLOW_ORIGINS=changeme
|
|
CORS_ALLOW_METHODS=GET,POST,PUT,PATCH,DELETE,OPTIONS
|
|
CORS_ALLOW_HEADERS=Authorization,Content-Type,X-Requested-With
|
|
CORS_EXPOSE_HEADERS=Link,Location
|
|
CORS_ALLOW_CREDENTIALS=true
|
|
CORS_MAX_AGE=600
|
|
|
|
# Redis
|
|
REDIS_URL=redis://redis:6379/0
|
|
REDIS_PORT_HOST=6381
|
|
|
|
# SSO Integration
|
|
SSO_ISSUER=http://localhost:8080/api
|
|
SSO_JWKS_URL=http://localhost:8080/api/.well-known/jwks.json
|
|
SSO_ALLOWED_AUDIENCES=client:lti-api
|
|
SSO_AUTHORIZE_URL=http://localhost:8080/sso/authorize
|
|
SSO_TOKEN_URL=http://localhost:8080/sso/token
|
|
SSO_GETME_URL=http://localhost:8080/api/auth/get-me
|
|
SSO_ACCESS_COOKIE_NAME=sso_access
|
|
SSO_REFRESH_COOKIE_NAME=sso_refresh
|
|
SSO_COOKIE_DOMAIN=
|
|
SSO_COOKIE_SECURE=false
|
|
SSO_COOKIE_SAMESITE=Lax
|
|
SSO_PKCE_TTL_SECONDS=300
|
|
# Security window and payload limits for SSO user sync webhook
|
|
SSO_USER_SYNC_SIGNATURE_DRIFT_SECONDS=120
|
|
SSO_USER_SYNC_NONCE_TTL_SECONDS=600
|
|
SSO_USER_SYNC_MAX_BODY_BYTES=32768
|
|
# Example JSON (single-line) of client configs (each client requires a unique sync_secret)
|
|
SSO_CLIENTS={"lti":{"public_id":"client:lti","redirect_uri":"http://localhost:8081/api/sso/callback","scope":"openid profile","default_return_uri":"http://localhost:3000","allowed_return_origins":["http://localhost:3000"],"sync_secret":"changeme"}}
|