feat: PKCE auth + CI/CD deploy
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 1m2s
All checks were successful
CI/CD — Build & Deploy / Build & Deploy (push) Successful in 1m2s
- Frontend: PKCE flow (oauth.ts, AuthCallback code exchange, 401 interceptor) - Backend: token introspection via SuperOAuth (no more JWT secret) - User model: superOauthId (unified) replaces oauthId+provider - Cookies httpOnly session + refresh token - POST /auth/refresh endpoint - Gitea CI workflow (vps-runner pattern) - DB_SYNC env var for initial schema creation
This commit is contained in:
@@ -10,9 +10,8 @@ REDIS_URL=redis://localhost:6379
|
||||
# Frontend CORS (virgule-séparé pour multi-origin)
|
||||
FRONTEND_URL=http://localhost:5173
|
||||
|
||||
# SuperOAuth — service externe d'authentification
|
||||
# SuperOAuth — service externe d'authentification (introspection, pas de secret JWT)
|
||||
SUPER_OAUTH_URL=http://localhost:3000
|
||||
SUPER_OAUTH_JWT_SECRET=<JWT secret SuperOAuth>
|
||||
|
||||
# Cookie signing
|
||||
COOKIE_SECRET=
|
||||
|
||||
Reference in New Issue
Block a user