mirror of
https://github.com/claunia/marechai.git
synced 2026-07-08 17:57:08 +00:00
Remove hardcoded secrets from appsettings.json
JWT signing key and database connection string were committed in plaintext. Both are now empty placeholders; real values live in .NET User Secrets (dev) and must be supplied via environment variables or a secrets manager in production.
This commit is contained in:
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"ConnectionStrings": {
|
"ConnectionStrings": {
|
||||||
"DefaultConnection": "server=mariadb-dev.claunia.com;port=3306;user=marechai;password=marechaipass;database=marechai;TreatTinyAsBoolean=false"
|
"DefaultConnection": ""
|
||||||
},
|
},
|
||||||
"Logging": {
|
"Logging": {
|
||||||
"LogLevel": {
|
"LogLevel": {
|
||||||
@@ -67,7 +67,7 @@
|
|||||||
}
|
}
|
||||||
],
|
],
|
||||||
"Jwt": {
|
"Jwt": {
|
||||||
"Key": "!SomethingSecret!!SomethingSecret!!SomethingSecret!!SomethingSecret!",
|
"Key": "",
|
||||||
"Issuer": "apiWithAuthBackend",
|
"Issuer": "apiWithAuthBackend",
|
||||||
"Audience": "apiWithAuthBackend"
|
"Audience": "apiWithAuthBackend"
|
||||||
},
|
},
|
||||||
|
|||||||
Reference in New Issue
Block a user