refactor(auth): use group-only admin access and remove admin api-key flow from frontend/admin routes

2026-03-30 21:39:43 +08:00
parent 0e17997e66
commit 8ed50cdcc6
6 changed files with 5 additions and 55 deletions
--- a/.env.development
+++ b/.env.development
@@ -21,6 +21,4 @@ AUTHENTIK_USERINFO_ENDPOINT=https://auth.ose.tw/application/o/userinfo/

 PUBLIC_FRONTEND_ORIGINS=http://127.0.0.1:5173,http://localhost:5173
 INTERNAL_SHARED_SECRET=CHANGE_ME
-ADMIN_ALLOWLIST_EMAILS=chris@ose.tw
-ADMIN_ALLOWLIST_SUBS=17a35b0a03a752d60617cf2de2bef2aaf0f0f0f53f24e5bf33c3e7abb6c06e87
-ADMIN_REQUIRED_GROUPS=
+ADMIN_REQUIRED_GROUPS=member-admin