rohskiddo/UMBRA
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
UMBRA/.env.example
Kyle Pope fc1f8d5514 Fix passkey registration: use correct py_webauthn credential parsers 
RegistrationCredential and AuthenticationCredential are plain dataclasses,
not Pydantic models — model_validate_json() does not exist on them.
Replace with parse_registration_credential_json() and
parse_authentication_credential_json() from webauthn.helpers, which
correctly parse the camelCase JSON from @simplewebauthn/browser and
convert base64url fields to bytes.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 23:40:26 +08:00

48 lines
2.5 KiB
Plaintext
Raw Blame History

# ──────────────────────────────────────
# Database
# ──────────────────────────────────────
POSTGRES_USER=umbra
POSTGRES_PASSWORD=changeme_in_production
POSTGRES_DB=umbra
DATABASE_URL=postgresql+asyncpg://umbra:changeme_in_production@db:5432/umbra
# ──────────────────────────────────────
# Application
# ──────────────────────────────────────
# Generate with: python3 -c "import secrets; print(secrets.token_hex(32))"
SECRET_KEY=your-secret-key-change-in-production
# development | production — controls Swagger/ReDoc visibility and cookie defaults
ENVIRONMENT=development
# Public URL — used for ntfy click links and auto-derives CORS_ORIGINS in production
# UMBRA_URL=https://umbra.example.com
# Timezone (applied to backend + db containers via env_file)
TZ=Australia/Perth
# ──────────────────────────────────────
# WebAuthn / Passkeys
# ──────────────────────────────────────
# REQUIRED for passkeys to work. Must match the domain users access UMBRA on.
# RP_ID = eTLD+1 (no scheme, no port). ORIGIN = full origin with scheme.
WEBAUTHN_RP_ID=umbra.example.com
WEBAUTHN_RP_NAME=UMBRA
WEBAUTHN_ORIGIN=https://umbra.example.com
# ──────────────────────────────────────
# Integrations
# ──────────────────────────────────────
OPENWEATHERMAP_API_KEY=your-openweathermap-api-key
# ──────────────────────────────────────
# Overrides (rarely needed)
# ──────────────────────────────────────
# COOKIE_SECURE auto-derives from ENVIRONMENT (production → true).
# Only set explicitly to override, e.g. false for a non-TLS prod behind a proxy.
# COOKIE_SECURE=false
# CORS_ORIGINS auto-derives from UMBRA_URL in production, http://localhost:5173 in dev.
# Only set explicitly if you need a different origin or multiple origins.
# CORS_ORIGINS=https://custom-domain.example.com
Reference in New Issue View Git Blame Copy Permalink