docs:补充浏览器免重登 + CDROP_SESSION_SECRET 配置
- README:已落地补「浏览器免重登 + PWA」一项;prod 配置清单新增 CDROP_SESSION_SECRET(prod 强制非空,缺则拒启动) - .env.example、docker/compose.snippet.yaml:补 CDROP_SESSION_SECRET 模板项
This commit is contained in:
@@ -14,6 +14,9 @@ CDROP_DEV_TOKEN=replace-with-32-byte-random-base64
|
||||
# CDROP_OIDC_CLIENT_ID=your-client-id
|
||||
# CDROP_OIDC_REDIRECT_URI=https://your-domain.example/oauth/callback
|
||||
# CDROP_OIDC_SCOPES=openid profile email
|
||||
# prod 强制非空:浏览器免重登会话的 refresh_token 落盘加密密钥(任意长度高熵串,
|
||||
# 内部 SHA-256 派生为 32 字节 AES-256 密钥)。留空则 prod 启动期校验失败、拒启动。
|
||||
# CDROP_SESSION_SECRET=
|
||||
# CDROP_HS256_SECRET=
|
||||
# CDROP_TURN_URL=stun:your-stun.example:3478
|
||||
|
||||
|
||||
Reference in New Issue
Block a user