member/member-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(security): enforce admin allowlist guard on admin APIs and attach bearer for admin client

Browse Source
This commit is contained in:
Chris
2026-03-30 21:25:57 +08:00
parent 0cd863f9c2
commit 0e17997e66
8 changed files with 65 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.env.development
View File

@@ -21,3 +21,6 @@ AUTHENTIK_USERINFO_ENDPOINT=https://auth.ose.tw/application/o/userinfo/
PUBLIC_FRONTEND_ORIGINS=http://127.0.0.1:5173,http://localhost:5173
INTERNAL_SHARED_SECRET=CHANGE_ME
ADMIN_ALLOWLIST_EMAILS=chris@ose.tw
ADMIN_ALLOWLIST_SUBS=17a35b0a03a752d60617cf2de2bef2aaf0f0f0f53f24e5bf33c3e7abb6c06e87
ADMIN_REQUIRED_GROUPS=