chore(07): integrate LDAP config into YAML and remove JSON files
This commit is contained in:
@@ -9,15 +9,17 @@ from fastapi import Depends, HTTPException, status
|
||||
from fastapi.security import HTTPBearer
|
||||
from jose import JWTError, jwt
|
||||
from pydantic import BaseModel
|
||||
from .config_loader import get_config
|
||||
|
||||
# Configuration
|
||||
SECRET_KEY = os.environ.get("JWT_SECRET_KEY")
|
||||
if not SECRET_KEY:
|
||||
config = get_config()
|
||||
SECRET_KEY = config.get("auth", {}).get("jwt_secret_key")
|
||||
if not SECRET_KEY or SECRET_KEY == "change_me_in_production":
|
||||
# Generate fallback key for dev (NOT FOR PRODUCTION)
|
||||
import secrets
|
||||
SECRET_KEY = secrets.token_urlsafe(32)
|
||||
import sys
|
||||
print(f"[WARNING] JWT_SECRET_KEY not set. Generated ephemeral key: {SECRET_KEY[:20]}...", file=sys.stderr)
|
||||
print(f"[WARNING] JWT_SECRET_KEY not set or default used. Generated ephemeral key: {SECRET_KEY[:20]}...", file=sys.stderr)
|
||||
|
||||
ALGORITHM = "HS256"
|
||||
ACCESS_TOKEN_EXPIRE_MINUTES = 480 # 8 hours
|
||||
|
||||
Reference in New Issue
Block a user