alvaro/normogen
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
normogen/thoughts/env.example
goose 02b24a3ac1 Phase 2.3: Complete JWT Authentication with token rotation and revocation 
- Fixed DateTime timestamp issues (use timestamp_millis instead of to_millis)
- Implemented token rotation: old refresh tokens revoked on refresh
- Implemented logout revocation: tokens immediately marked as revoked
- Removed rate limiting (deferred to Phase 2.6)
- Created comprehensive verification report
- Updated STATUS.md

All Phase 2.3 objectives complete:
 JWT Access Tokens (15 min expiry)
 JWT Refresh Tokens (30 day expiry)
 Token Rotation
 Token Revocation
 PBKDF2 Password Hashing
 Auth endpoints (register, login, refresh, logout)
 Protected routes with JWT middleware
 Health check endpoints

Compiles successfully with only unused code warnings.
2026-02-15 09:05:34 -03:00

12 lines
290 B
Text
Raw Blame History

# MongoDB Configuration
MONGODB_URI=mongodb://localhost:27017
DATABASE_NAME=normogen
# JWT Configuration
JWT_SECRET=your-secret-key-here-change-in-production
JWT_ACCESS_TOKEN_EXPIRY_MINUTES=15
JWT_REFRESH_TOKEN_EXPIRY_DAYS=30
# Server Configuration
SERVER_HOST=127.0.0.1
SERVER_PORT=8000
Reference in a new issue View git blame Copy permalink