feat: Implement service-to-service authentication, centralize environment configuration, and harden Docker security.

2026-01-29 19:41:59 -03:00
parent 5d85dc0714
commit 5075a2440d
6 changed files with 169 additions and 12 deletions
--- a/.env
+++ b/.env
@@ -0,0 +1,24 @@
+# ===================================================================
+# ControlPatente - Environment Configuration
+# ===================================================================
+# Generated on: 2026-01-29
+# ===================================================================
+
+# --- Database Configuration ---
+DB_USER=postgres
+DB_PASSWORD=e0p0kcnMmG8kg2YylgQ0Mw
+DB_NAME=controlpatente
+
+# --- Security Configuration ---
+
+# JWT Secret (auto-generated)
+JWT_SECRET=d95810e29f700cb99d3ed6a891ace603522875069ec655887a01629891a38ce8
+
+# Admin password (optional - if not set, a random password will be generated on first run)
+# ADMIN_PASSWORD=
+
+# Allowed origins for CORS (comma-separated)
+ALLOWED_ORIGINS=http://localhost:5173,http://127.0.0.1:5173,https://demo.v1ru5.cl
+
+# Service-to-service API key (auto-generated)
+SERVICE_API_KEY=a6b73ab722d2980cafb89836393266f96bf798209b6a4ce2