pokemon/nuzlocke-tracker
1
1
Fork 0
Code Issues Pull Requests 10 Actions Packages Projects Releases Wiki Activity
Files
177c02006a01f69e29f416f3f5240aa675e7bd79
nuzlocke-tracker/backend/.env.example
Julian Tabel 177c02006a
All checks were successful
CI / backend-tests (pull_request) Successful in 28s
Details
CI / frontend-tests (pull_request) Successful in 28s
Details
feat: migrate JWT verification from HS256 shared secret to JWKS 
Replace symmetric HS256 JWT verification with asymmetric RS256 using JWKS.
Backend now fetches and caches public keys from Supabase's JWKS endpoint
instead of using a shared secret.

- Add cryptography dependency for RS256 support
- Use PyJWKClient to fetch/cache JWKS from {SUPABASE_URL}/.well-known/jwks.json
- Remove SUPABASE_JWT_SECRET from config, docker-compose, deploy workflow, .env
- Update tests to use RS256 tokens with mocked JWKS client

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-21 14:01:36 +01:00

14 lines
302 B
Plaintext
Raw Blame History

# Application settings
APP_NAME="Another Nuzlocke Tracker API"
DEBUG=true
# API settings
API_V1_PREFIX="/api/v1"
# Database settings
DATABASE_URL="sqlite:///./nuzlocke.db"
# Supabase Auth (JWKS used for JWT verification)
SUPABASE_URL=https://your-project.supabase.co
SUPABASE_ANON_KEY=your-anon-key
Reference in New Issue View Git Blame Copy Permalink