pokemon/nuzlocke-tracker
1
1
Fork 0
Code Issues Pull Requests 10 Actions Packages Projects Releases Wiki Activity
Files
e9eccc5b21588d2d001d2131d18b9cf6abe60534
nuzlocke-tracker/backend/.env.example
Julian Tabel e9eccc5b21 feat: migrate JWT verification from HS256 shared secret to JWKS 
Replace symmetric HS256 JWT verification with asymmetric RS256 using JWKS.
Backend now fetches and caches public keys from Supabase's JWKS endpoint
instead of using a shared secret.

- Add cryptography dependency for RS256 support
- Use PyJWKClient to fetch/cache JWKS from {SUPABASE_URL}/.well-known/jwks.json
- Remove SUPABASE_JWT_SECRET from config, docker-compose, deploy workflow, .env
- Update tests to use RS256 tokens with mocked JWKS client

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-22 09:24:41 +01:00

14 lines
302 B
Plaintext
Raw Blame History

# Application settings
APP_NAME="Another Nuzlocke Tracker API"
DEBUG=true
# API settings
API_V1_PREFIX="/api/v1"
# Database settings
DATABASE_URL="sqlite:///./nuzlocke.db"
# Supabase Auth (JWKS used for JWT verification)
SUPABASE_URL=https://your-project.supabase.co
SUPABASE_ANON_KEY=your-anon-key
Reference in New Issue View Git Blame Copy Permalink