.env

PORT=1337
TARGET="http://localhost:3002"
USER_DATABASE_NAME="users.db"
PROXY_GOOGLE=https://google.com

ACCESS_TOKEN_SECRET="some-crypt-string-here"
ACCESS_TOKEN_LIFETIME=5
REFRESH_TOKEN_SECRET="another-crypt-string-here"
REFRESH_TOKEN_LIFETIME=86400

DEFAULT_ADMIN_EMAIL="this.user@must.be.removed.com"
DEFAULT_ADMIN_PASSWORD="removeThisUser"

DEFAULT_USER_ROLE="viewer"
USER_REGISTRATION_MODE="ON"

# SET TO "true" AND UNCOMMENT ONE OF THE EXAMPLES BELOW IF YOU WANT TO USE MSAL!
MSAL_ACTIVE="false"
MSAL_CLIENT_ID="<CLIENT_ID>"
MSAL_REDIRECT_URL="http://localhost:1337/user/msal-redirect"
MSAL_AUTHORITY="https://login.microsoftonline.com/<TENANT_ID>"

# There are two ways to authenticate towards MSAL: "client" or "cert".
# For "client", MSAL_CLIENT_SECRET must be set.
# For "cert", MSAL_CERT_THUMBPRINT and MSAL_CERT_PRIVATE_KEY must be set.

# Example 1: "client" authentication:
#MSAL_TYPE="client"
#MSAL_CLIENT_SECRET="<CLIENT_SECRET>"

# Example 2: "cert" authentication (make sure that the RSA PRIVATE KEY is a 
# one-liner - create line-breaks with "\n"):
#MSAL_TYPE="cert"
#MSAL_CERT_THUMBPRINT="<40_HEX_CHARACTERS>"
#MSAL_CERT_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----\nMAKE_SURE_TO_KEEP_THIS_AS_ONE_LINE_AND_ADD_LINE_BREAKS_LIKE_THIS\n-----END RSA PRIVATE KEY-----"