review(env): shift secret to env file and added logger
parent
b0dcd27049
commit
aecd564f7b
7 changed files with 21 additions and 2 deletions
3
.gitignore
vendored
3
.gitignore
vendored
|
|
@ -36,3 +36,6 @@ npm-debug.log
|
|||
/assets/node_modules/
|
||||
|
||||
.cursor
|
||||
|
||||
# Ignore the .env file with env variables
|
||||
.env
|
||||
|
|
|
|||
2
Justfile
2
Justfile
|
|
@ -1,3 +1,5 @@
|
|||
set dotenv-load := true
|
||||
|
||||
run: install-dependencies start-database migrate-database seed-database
|
||||
mix phx.server
|
||||
|
||||
|
|
|
|||
|
|
@ -93,5 +93,5 @@ config :mv, :token_signing_secret, "IwUwi65TrEeExwBXXFPGm2I7889NsL"
|
|||
config :mv, :rauthy,
|
||||
client_id: "mv",
|
||||
base_url: "http://localhost:8080/auth/v1",
|
||||
client_secret: "GWGkEWBLRAzZruXhipQKSjeaOtwZtKdETBABHLAXVoqrhsJoXUOsIDfNVOXCQUEv",
|
||||
client_secret: System.get_env("OIDC_CLIENT_SECRET"),
|
||||
redirect_uri: "http://localhost:4000/auth/user/rauthy/callback"
|
||||
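Review bot: The literal `client_secret` that this section replaces stays readable in the repository history, so moving it to `OIDC_CLIENT_SECRET` only helps once that client secret has been rotated in Rauthy. The hunk header also shows `config :mv, :token_signing_secret` still set to a string literal in this same file, which deserves the same treatment if that value is ever used outside local development. `System.get_env/1` returns `nil` when the variable is unset, and if this is a compile-time config file (its path is not visible on the page) the value is also fixed when the project is compiled. Reading it in the runtime configuration with `System.fetch_env!("OIDC_CLIENT_SECRET")` would fail loudly at boot instead of leaving the secret `nil`.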
|
|
|
|||
|
|
@ -53,6 +53,8 @@ if config_env() == :prod do
|
|||
|
||||
config :mv, :dns_cluster_query, System.get_env("DNS_CLUSTER_QUERY")
|
||||
|
||||
config :mv, :rauthy, redirect_uri: "http://localhost:4000/auth/user/rauthy/callback"
|
||||
|
||||
config :mv, MvWeb.Endpoint,
|
||||
url: [host: host, port: 443, scheme: "https"],
|
||||
http: [
|
||||
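Review bot: The `config :mv, :rauthy, redirect_uri: "http://localhost:4000/auth/user/rauthy/callback"` line sits inside the `if config_env() == :prod do` block, so a production release would send the OIDC callback to a plain-HTTP localhost address. The Endpoint a few lines below is built from `host` with `scheme: "https"`; deriving the callback the same way, e.g. `redirect_uri: "https://#{host}/auth/user/rauthy/callback"` (assuming `host` is bound above the hunk), keeps the authorization code on TLS and on the deployed host. The page does not mark which lines are new, so this assumes the `:rauthy` line is the addition. The `if` block begins and ends outside the hunk.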
|
|
|
|||
|
|
@ -33,12 +33,14 @@ services:
|
|||
|
||||
rauthy:
|
||||
container_name: rauthy-test
|
||||
image: ghcr.io/sebadob/rauthy:latest
|
||||
image: ghcr.io/sebadob/rauthy:0.30.2
|
||||
environment:
|
||||
- LOCAL_TEST=true
|
||||
- SMTP_URL=mailcrab
|
||||
- SMTP_PORT=1025
|
||||
- SMTP_DANGER_INSECURE=true
|
||||
- LISTEN_SCHEME=http
|
||||
- PUB_URL=localhost:8080
|
||||
- BOOTSTRAP_ADMIN_PASSWORD_PLAIN=RauthyTest12345
|
||||
#- HIQLITE=false
|
||||
#- PG_HOST=db
|
||||
|
|
@ -54,7 +56,13 @@ services:
|
|||
networks:
|
||||
- rauthy-test
|
||||
- local
|
||||
volumes:
|
||||
- type: volume
|
||||
source: rauthy-data
|
||||
target: /app/data
|
||||
|
||||
volumes:
|
||||
postgres-data:
|
||||
rauthy-data:
|
||||
|
||||
|
||||
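Review bot: `BOOTSTRAP_ADMIN_PASSWORD_PLAIN=RauthyTest12345` in the first hunk keeps the identity provider's admin password in the tracked compose file, which runs against the purpose of this commit. Compose interpolates variables from the `.env` file the commit already introduces, so `- BOOTSTRAP_ADMIN_PASSWORD_PLAIN=${RAUTHY_ADMIN_PASSWORD:?set in .env}` (variable name constructed here) keeps the value out of the repository and fails when it is missing. Together with `LISTEN_SCHEME=http` and `SMTP_DANGER_INSECURE=true`, this service definition is only suitable for local testing; a comment above `rauthy:` saying so would help. The page does not mark which environment lines are new.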
|
|
|
|||
|
|
@ -24,6 +24,7 @@ defmodule Mv.Accounts.User do
|
|||
token_resource Mv.Accounts.Token
|
||||
require_token_presence_for_authentication? true
|
||||
store_all_tokens? true
|
||||
#signing_algorithm "EdDSA" -> https://git.local-it.org/local-it/mitgliederverwaltung/issues/87
|
||||
|
||||
signing_secret fn _, _ ->
|
||||
{:ok, Application.get_env(:mv, :token_signing_secret)}
|
||||
|
|
@ -38,6 +39,7 @@ defmodule Mv.Accounts.User do
|
|||
client_secret Mv.Secrets
|
||||
auth_method :client_secret_jwt
|
||||
code_verifier true
|
||||
#id_token_signed_response_alg "EdDSA" #-> https://git.local-it.org/local-it/mitgliederverwaltung/issues/87
|
||||
end
|
||||
|
||||
password :password do
|
||||
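Review bot: The commented-out `signing_algorithm` and `id_token_signed_response_alg` lines read as disabled code rather than as a recorded decision. A short comment stating the intent would be clearer, e.g. `# TODO(issue 87): switch to EdDSA once it works; the library default algorithm applies until then`. It is also worth noting in that issue which algorithms are in effect in the meantime. Both enclosing DSL blocks start outside the hunks.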
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require Logger
|
||||
defmodule MvWeb.AuthController do
|
||||
use MvWeb, :controller
|
||||
use AshAuthentication.Phoenix.Controller
|
||||
|
|
@ -22,6 +23,7 @@ defmodule MvWeb.AuthController do
|
|||
end
|
||||
|
||||
def failure(conn, activity, reason) do
|
||||
Logger.error(%{conn: conn, reason: reason})
|
||||
message =
|
||||
case {activity, reason} do
|
||||
{_,
|
||||
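Review bot: `Logger.error(%{conn: conn, reason: reason})` in `failure/3` writes the whole `Plug.Conn` to the log on every failed sign-in, which can include request cookies, session data and the callback or form parameters (authorization code, submitted credentials). Phoenix's `:filter_parameters` setting only covers Phoenix's own request logging, not a struct handed to Logger. Logging selected fields is safer, e.g. `Logger.warning("auth failure: activity=#{inspect(activity)} path=#{conn.request_path}")`, with `reason` reduced to a type or code if it is logged at all. `require Logger` is also conventionally placed inside `defmodule MvWeb.AuthController`, not above it. The body of `failure/3` continues past the hunk.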
|
|
|
|||