-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathenv.example
More file actions
105 lines (89 loc) · 3.66 KB
/
env.example
File metadata and controls
105 lines (89 loc) · 3.66 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
# Database Configuration
# DB_URL=jdbc:postgresql://localhost:5433/authenticationservice
DB_URL=jdbc:postgresql://db:5432/authenticationservice
DB_USERNAME=postgres
DB_PASSWORD=postgres
# DB_USERNAME=${DB_USERNAME} # for CI/CD credentials
# DB_PASSWORD=${DB_PASSWORD} # for CI/CD credentials
POSTGRES_DB=authenticationservice
# POSTGRES_USER is automatically set from DB_USERNAME in docker-compose.yml
# JWT Configuration
JWT_ACCESS_SECRET=your-jwt-access-secret-key-here
JWT_REFRESH_SECRET=your-jwt-refresh-secret-key-here
# Google OAuth2 Configuration
GOOGLE_CLIENT_ID=your-google-client-id.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=your-google-client-secret
OAUTH2_REDIRECT_URI=http://localhost:8080/login/oauth2/code/{registrationId}
# OAuth2 redirect URI (default: http://localhost/login/oauth2/code/{registrationId})
# OAUTH2_REDIRECT_URI=http://localhost/login/oauth2/code/{registrationId}
# Frontend URL
# For Docker: http://localhost:3000
# For local dev (IDEA): http://localhost:5173
FRONTEND_URL=http://localhost:3000
# Refresh Cookie Configuration
# Set to false for local HTTP development, true for HTTPS environments
SECURITY_REFRESH_COOKIE_SECURE=false
# Optional overrides
# SECURITY_REFRESH_COOKIE_NAME=refreshToken
# SECURITY_REFRESH_COOKIE_PATH=/api/auth
# SECURITY_REFRESH_COOKIE_SAME_SITE=Strict
# SECURITY_REFRESH_COOKIE_DOMAIN=example.com
# Refresh Token Rotation Configuration
SECURITY_REFRESH_ROTATION_ENABLED=true
SECURITY_REFRESH_ROTATION_REVOKE_ON_REUSE=true
SECURITY_REFRESH_ROTATION_MAX_FAMILIES_PER_USER=5
SECURITY_REFRESH_ROTATION_CLEANUP_ENABLED=true
SECURITY_REFRESH_ROTATION_CLEANUP_EXPIRED_AFTER_DAYS=30
# Content Security Policy (optional override)
# SECURITY_CSP=default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'
# Admin Configuration
ADMIN_ENABLED=true
ADMIN_EMAIL=admin@example.com
ADMIN_USERNAME=Admin
# Mail Configuration
MAIL_HOST=smtp.gmail.com
MAIL_PORT=587
MAIL_USERNAME=your-email@gmail.com
MAIL_PASSWORD="your-email-password-or-app-password"
# Email Signature Configuration
# Custom signature for email templates (default: "Authentication Service Team")
EMAIL_SIGNATURE=Authentication Service Team
# Limit SSL trust to Gmail SMTP host (overrides default "*")
# MAIL_SSL_TRUST=smtp.gmail.com
# Password Validation Configuration
PASSWORD_REGEX="^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&+=!\\-_*?])(?=\\S+$).{8,}$"
VITE_PASSWORD_REGEX="^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&+=!\-_*?])(?=\S+$).{8,}$"
PASSWORD_RESET_COOLDOWN_MINUTES=10
VITE_PASSWORD_RESET_COOLDOWN_MINUTES=10
# Docker Configuration
BUILDER_IMAGE_NAME=auth-service-builder
FINAL_IMAGE_NAME=auth-service:latest
APP_TEST_CONTAINER_NAME=auth-service-test-builder
AUTH_SERVICE_CONTAINER_NAME=auth-service
AUTH_FRONTEND_CONTAINER_NAME=auth-frontend
AUTH_DB_CONTAINER_NAME=auth-db
JAR_NAME=authorization-service-1.0.0.jar
DOCKERFILE_BUILD=backend/Docker-Build.Dockerfile
DOCKERFILE_FINAL=backend/Docker-Final.Dockerfile
COMPOSE_FILE=docker-compose.yml
VOLUME_NAME=postgres_data
# Optional Configuration (uncomment if needed)
# CORS Configuration
# Comma-separated list of allowed origins (optional, defaults to localhost URLs)
# CORS_ALLOWED_ORIGINS=http://localhost:3000,http://localhost:5173,https://yourdomain.com
# Logging Configuration
# LOG_LEVEL=INFO
# SPRING_SECURITY_LOG_LEVEL=INFO
# LOG_FILE_ENABLED=true
# LOG_FILE_PATH=logs/app.log
# LOG_ERROR_FILE_PATH=logs/error.log
# LOG_ADMIN_FILE_PATH=logs/admin.log
# LOG_MAX_HISTORY=30
# LOG_MAX_SIZE=10MB
# LOG_TOTAL_SIZE_CAP=1GB
# LOG_JSON_ENABLED=false
# SLOW_REQUEST_THRESHOLD_MS=1000
# Rate limiting
# RATE_LIMIT_ADMIN_PER_MINUTE=120
# RATE_LIMIT_AUTH_PER_MINUTE=120
# RATE_LIMIT_RESEND_PER_MINUTE=1