porchlight

lundberg/porchlight

Fork 0

Commit graph

Author	SHA1	Message	Date
Johan Lundberg	cf2754f302	fix(security): require a configured session secret in production session_secret defaulted to a random per-process value, which silently invalidates all sessions on restart and rotates the management client secret. Add _resolve_session_secret(): use the configured secret; allow a generated one only in debug or for a localhost issuer; otherwise fail startup. The management client secret is now tied to the resolved session secret. Refs: porchlight-wvx Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-06-05 14:12:54 +02:00
Johan Lundberg	64f8c1936b	refactor: fix lint warnings and remove stale type: ignore comments	2026-02-18 13:08:03 +01:00
Johan Lundberg	eeb09321e2	feat: register OIDC clients from config file	2026-02-18 12:48:23 +01:00

Author

SHA1

Message

Date

Johan Lundberg

cf2754f302

fix(security): require a configured session secret in production

session_secret defaulted to a random per-process value, which silently
invalidates all sessions on restart and rotates the management client secret.
Add _resolve_session_secret(): use the configured secret; allow a generated
one only in debug or for a localhost issuer; otherwise fail startup. The
management client secret is now tied to the resolved session secret.

Refs: porchlight-wvx

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

2026-06-05 14:12:54 +02:00

Johan Lundberg

64f8c1936b

refactor: fix lint warnings and remove stale type: ignore comments

2026-02-18 13:08:03 +01:00

Johan Lundberg

eeb09321e2

feat: register OIDC clients from config file

2026-02-18 12:48:23 +01:00

3 commits