-
Notifications
You must be signed in to change notification settings - Fork 20
Expand file tree
/
Copy path.env.example
More file actions
68 lines (58 loc) · 3.44 KB
/
.env.example
File metadata and controls
68 lines (58 loc) · 3.44 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
# -----------------------------------------------------------------------------
# App Configuration
# -----------------------------------------------------------------------------
# The environment in which the application is running. This should be set to
# 'production' on your live server to enable security features like secure
# cookies. For local development, 'development' is appropriate.
NODE_ENV=development
# The network port on which the Next.js dev server will listen for incoming
# connections. Change this if port 3000 is already in use on your system.
# Note: Next.js does not load .env.local early enough to pick the port for its own server startup.
# That means Next.js chooses its default port (3000) unless you pass one from the shell or CLI flag.
# E.g. `npm run dev -- -p 4000`
PORT=3000
# -----------------------------------------------------------------------------
# Session Configuration
# -----------------------------------------------------------------------------
# A long, random, and secret string used to sign the session cookie. This
# prevents the cookie from being tampered with. It must be kept private.
# Generate a secure key using:
# node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
SESSION_SECRET="your-very-secret-and-strong-session-key"
# The total duration of the session in seconds. After this period of
# inactivity, the user will be effectively logged out.
# Default is 3600, which is 1 hour (60 * 60).
SESSION_DURATION=3600
# -----------------------------------------------------------------------------
# ZITADEL OpenID Connect (OIDC) Configuration
# -----------------------------------------------------------------------------
# The full domain URL of your ZITADEL instance. You can find this in your
# ZITADEL organization's settings.
# Example: https://my-org-a1b2c3.zitadel.cloud
ZITADEL_DOMAIN="https://your-zitadel-domain"
# The unique Client ID for your application, obtained from the ZITADEL Console.
# This identifier tells ZITADEL which application is making the request.
ZITADEL_CLIENT_ID="your-zitadel-application-client-id"
# While the Authorization Code Flow with PKCE for public clients
# does not strictly require a client secret for OIDC specification compliance,
# Auth.js will still require a value for its internal configuration.
# Therefore, please provide a randomly generated string here.
# You can generate a secure key using:
# node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
ZITADEL_CLIENT_SECRET="your-randomly-generated-client-secret"
# The full URL where ZITADEL redirects the user after they have authenticated.
# This MUST exactly match one of the "Redirect URIs" you have configured in
# your ZITADEL application settings.
ZITADEL_CALLBACK_URL="http://localhost:3000/api/auth/callback/zitadel"
# The internal URL within your application where users are sent after a
# successful login is processed at the callback URL.
# Defaults to "/profile" if not specified.
ZITADEL_POST_LOGIN_URL="/profile"
# The full URL where ZITADEL redirects the user after they have logged out.
# This MUST exactly match one of the "Post Logout Redirect URIs" configured
# in your ZITADEL application settings.
ZITADEL_POST_LOGOUT_URL="http://localhost:3000/api/auth/logout/callback"
# The full public URL of your application.
# Auth.js requires this to create secure callback and redirect links.
# This is optional for local development but REQUIRED for production.
NEXTAUTH_URL="http://localhost:3000"