f60b7261b5
- Backend: Azure AD JWKS validator with 24h cache, new POST /api/v1/auth/sso/login endpoint, sso_login() in AuthService with auto-provisioning, password_hash made nullable, auth_provider column added, Alembic migration c1d2e3f4a5b6 - Frontend: @azure/msal-browser, msal.ts config singleton, ssoLogin() API function, login page updated with SSO button and redirect callback handling - Deploy: frontend Dockerfile and docker-compose.prod.yml updated to bake Azure AD vars into the image at build time; deploy.sh validates SSO config on init/deploy Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
12 lines
439 B
Text
12 lines
439 B
Text
# For local development (pointing to Docker backend)
|
|
NEXT_PUBLIC_API_URL=http://localhost:8040
|
|
NEXT_PUBLIC_WS_URL=ws://localhost:8040
|
|
|
|
# For production (behind nginx, same origin — leave empty or omit)
|
|
# NEXT_PUBLIC_API_URL=
|
|
# NEXT_PUBLIC_WS_URL=
|
|
|
|
# Azure AD SSO
|
|
NEXT_PUBLIC_AZURE_AD_TENANT_ID=e519c2e6-bc6d-4fdf-8d9c-923c2f002385
|
|
NEXT_PUBLIC_AZURE_AD_CLIENT_ID=9079054c-9620-4757-a256-23413042f1ef
|
|
NEXT_PUBLIC_AZURE_AD_SSO_ENABLED=true
|