Remove hardcoded secrets from appsettings.json

JWT signing key and database connection string were committed in plaintext.
Both are now empty placeholders; real values live in .NET User Secrets (dev)
and must be supplied via environment variables or a secrets manager in production.
This commit is contained in:
2026-07-04 14:46:39 +01:00
parent 325a3f437a
commit ab2a617600

View File

@@ -1,6 +1,6 @@
{
"ConnectionStrings": {
"DefaultConnection": "server=mariadb-dev.claunia.com;port=3306;user=marechai;password=marechaipass;database=marechai;TreatTinyAsBoolean=false"
"DefaultConnection": ""
},
"Logging": {
"LogLevel": {
@@ -67,7 +67,7 @@
}
],
"Jwt": {
"Key": "!SomethingSecret!!SomethingSecret!!SomethingSecret!!SomethingSecret!",
"Key": "",
"Issuer": "apiWithAuthBackend",
"Audience": "apiWithAuthBackend"
},