mirror of
https://github.com/claunia/marechai.git
synced 2026-07-08 17:57:08 +00:00
Remove hardcoded secrets from appsettings.json
JWT signing key and database connection string were committed in plaintext. Both are now empty placeholders; real values live in .NET User Secrets (dev) and must be supplied via environment variables or a secrets manager in production.
This commit is contained in:
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"ConnectionStrings": {
|
||||
"DefaultConnection": "server=mariadb-dev.claunia.com;port=3306;user=marechai;password=marechaipass;database=marechai;TreatTinyAsBoolean=false"
|
||||
"DefaultConnection": ""
|
||||
},
|
||||
"Logging": {
|
||||
"LogLevel": {
|
||||
@@ -67,7 +67,7 @@
|
||||
}
|
||||
],
|
||||
"Jwt": {
|
||||
"Key": "!SomethingSecret!!SomethingSecret!!SomethingSecret!!SomethingSecret!",
|
||||
"Key": "",
|
||||
"Issuer": "apiWithAuthBackend",
|
||||
"Audience": "apiWithAuthBackend"
|
||||
},
|
||||
|
||||
Reference in New Issue
Block a user