review(env): shift secret to env file and added logger

2025-06-24 09:52:17 +02:00 · 2025-06-24 09:52:17 +02:00 · 08b3735c1b
commit 08b3735c1b
parent b69ef02169
7 changed files with 21 additions and 2 deletions
--- a/lib/accounts/user.ex
+++ b/lib/accounts/user.ex
@ -24,6 +24,7 @@ defmodule Mv.Accounts.User do
      token_resource Mv.Accounts.Token
      require_token_presence_for_authentication? true
      store_all_tokens? true
+      #signing_algorithm "EdDSA" -> https://git.local-it.org/local-it/mitgliederverwaltung/issues/87

      signing_secret fn _, _ ->
        {:ok, Application.get_env(:mv, :token_signing_secret)}
@ -38,6 +39,7 @@ defmodule Mv.Accounts.User do
        client_secret Mv.Secrets
        auth_method :client_secret_jwt
        code_verifier true
+        #id_token_signed_response_alg "EdDSA" #-> https://git.local-it.org/local-it/mitgliederverwaltung/issues/87
      end

      password :password do
--- a/lib/mv_web/controllers/auth_controller.ex
+++ b/lib/mv_web/controllers/auth_controller.ex
@ -1,3 +1,4 @@
+require Logger
 defmodule MvWeb.AuthController do
  use MvWeb, :controller
  use AshAuthentication.Phoenix.Controller
@ -22,6 +23,7 @@ defmodule MvWeb.AuthController do
  end

  def failure(conn, activity, reason) do
+    Logger.error(%{conn: conn, reason: reason})
    message =
      case {activity, reason} do
        {_,