- Switched to secure httpOnly, SameSite=Strict cookies for JWT authentication.
- Refactored backend to use AppState for shared secrets and database pool caching.
- Modernized frontend with Svelte 5 runes ($state) and removed localStorage reliance.
- Gated destructive test endpoints behind debug_assertions and fixed unsafe test patterns.
- Enhanced CI pipeline with cargo clippy, cargo fmt, and pinned pnpm version.
- Updated documentation and implementation plans to match the hardened architecture.
14 lines
284 B
YAML
services:
  app:
    build: .
    ports:
      - "${HOST_PORT:-3000}:3000"
    volumes:
      - ./data:/data
    environment:
      - DATABASE_URL=sqlite:/data/attendance.db
      - STATIC_DIR=/app/frontend/build
      - JWT_SECRET=${JWT_SECRET}
      - PORT=3000
    restart: always