jesus/Rustelo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Rustelo/config/features/auth/prod.toml
Jesús Pérex 515c9343f4
Some checks failed
CI/CD Pipeline / Test Suite (push) Has been cancelled
Details
CI/CD Pipeline / Security Audit (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Image (push) Has been cancelled
Details
CI/CD Pipeline / Deploy to Staging (push) Has been cancelled
Details
CI/CD Pipeline / Deploy to Production (push) Has been cancelled
Details
CI/CD Pipeline / Performance Benchmarks (push) Has been cancelled
Details
CI/CD Pipeline / Cleanup (push) Has been cancelled
Details
chore: add config path
2025-07-07 23:13:01 +01:00

84 lines
2.1 KiB
TOML
Raw Blame History

# Authentication Feature Configuration - Production Environment
# Settings optimized for production security and performance
[features]
auth = true
# OAuth Configuration - Production
[oauth]
enabled = true
[oauth.google]
client_id = "${GOOGLE_CLIENT_ID}"
client_secret = "${GOOGLE_CLIENT_SECRET}"
redirect_uri = "${BASE_URL}/auth/google/callback"
[oauth.github]
client_id = "${GITHUB_CLIENT_ID}"
client_secret = "${GITHUB_CLIENT_SECRET}"
redirect_uri = "${BASE_URL}/auth/github/callback"
# JWT Configuration - Production
[auth.jwt]
secret = "${JWT_SECRET}"
expiration = 3600 # 1 hour in seconds
refresh_token_expiration = 86400 # 24 hours in seconds
algorithm = "HS256"
issuer = "rustelo-app"
audience = "rustelo-users"
# Password Policy - Strict for production
[auth.password]
min_length = 12
require_uppercase = true
require_lowercase = true
require_numbers = true
require_special_chars = true
max_age_days = 90
history_count = 12
# Account Security - Strict for production
[auth.security]
max_login_attempts = 3
lockout_duration = 1800 # 30 minutes in seconds
session_timeout = 1800 # 30 minutes in seconds
require_email_verification = true
password_reset_timeout = 1800 # 30 minutes in seconds
# Two-Factor Authentication - Enabled for production
[auth.two_factor]
enabled = true
backup_codes_count = 10
totp_issuer = "Rustelo App"
totp_digits = 6
totp_period = 30
# User Registration - Controlled for production
[auth.registration]
enabled = true
require_email_verification = true
auto_approve = false
default_role = "user"
allowed_domains = [] # Configure specific domains if needed
# Session Management - Secure for production
[auth.sessions]
cleanup_interval = 1800 # 30 minutes in seconds
max_concurrent_sessions = 3
remember_me_duration = 604800 # 7 days in seconds
# Rate Limiting - Strict for production
[auth.rate_limiting]
login_attempts_per_minute = 5
registration_attempts_per_hour = 3
password_reset_attempts_per_hour = 3
# Additional Production Security
[auth.security.advanced]
enable_bruteforce_protection = true
enable_ip_whitelist = false
whitelist_ips = []
enable_geolocation_check = false
suspicious_activity_threshold = 5
account_lockout_escalation = true
Reference in New Issue View Git Blame Copy Permalink