|
| 1 | +# ----------------------------------------------------------------------------- |
| 2 | +# App Configuration |
| 3 | +# ----------------------------------------------------------------------------- |
| 4 | +# The environment in which the application is running. This should be set to |
| 5 | +# 'production' on your live server to enable security features like secure |
| 6 | +# cookies. For local development, 'development' is appropriate. |
| 7 | +NODE_ENV=development |
| 8 | + |
| 9 | +# The network port on which the Fastify server will listen for incoming |
| 10 | +# connections. Change this if port 3000 is already in use on your system. |
| 11 | +PORT=3000 |
| 12 | + |
| 13 | +# ----------------------------------------------------------------------------- |
| 14 | +# Session Configuration |
| 15 | +# ----------------------------------------------------------------------------- |
| 16 | +# A long, random, and secret string used to sign the session cookie. This |
| 17 | +# prevents the cookie from being tampered with. It must be kept private. |
| 18 | +# Generate a secure key using: |
| 19 | +# node -e "console.log(require('crypto').randomBytes(32).toString('hex'))" |
| 20 | +SESSION_SECRET="your-very-secret-and-strong-session-key" |
| 21 | + |
| 22 | +# The total duration of the session in milliseconds. After this period of |
| 23 | +# inactivity, the user will be effectively logged out. |
| 24 | +# Default is 3600, which is 1 hour (60 * 60). |
| 25 | +SESSION_DURATION=3600 |
| 26 | + |
| 27 | +# ----------------------------------------------------------------------------- |
| 28 | +# ZITADEL OpenID Connect (OIDC) Configuration |
| 29 | +# ----------------------------------------------------------------------------- |
| 30 | +# The full domain URL of your ZITADEL instance. You can find this in your |
| 31 | +# ZITADEL organization's settings. |
| 32 | +# Example: https://my-org-a1b2c3.zitadel.cloud |
| 33 | +ZITADEL_DOMAIN="https://your-zitadel-domain" |
| 34 | + |
| 35 | +# The unique Client ID for your application, obtained from the ZITADEL Console. |
| 36 | +# This identifier tells ZITADEL which application is making the request. |
| 37 | +ZITADEL_CLIENT_ID="your-zitadel-application-client-id" |
| 38 | + |
| 39 | +# While the Authorization Code Flow with PKCE for public clients |
| 40 | +# does not strictly require a client secret for OIDC specification compliance, |
| 41 | +# AuthJS will still require a value for its internal configuration. |
| 42 | +# Therefore, please provide a randomly generated string here. |
| 43 | +# You can generate a secure key using: |
| 44 | +# node -e "console.log(require('crypto').randomBytes(32).toString('hex'))" |
| 45 | +ZITADEL_CLIENT_SECRET="your-randomly-generated-client-secret" |
| 46 | + |
| 47 | +# The full URL where ZITADEL redirects the user after they have authenticated. |
| 48 | +# This MUST exactly match one of the "Redirect URIs" you have configured in |
| 49 | +# your ZITADEL application settings. |
| 50 | +ZITADEL_CALLBACK_URL="http://localhost:3000/auth/callback" |
| 51 | + |
| 52 | +# The internal URL within your application where users are sent after a |
| 53 | +# successful login is processed at the callback URL. |
| 54 | +# Defaults to "/profile" if not specified. |
| 55 | +ZITADEL_POST_LOGIN_URL="/profile" |
| 56 | + |
| 57 | +# The full URL where ZITADEL redirects the user after they have logged out. |
| 58 | +# This MUST exactly match one of the "Post Logout Redirect URIs" configured |
| 59 | +# in your ZITADEL application settings. |
| 60 | +ZITADEL_POST_LOGOUT_URL="http://localhost:3000" |
| 61 | + |
0 commit comments