···

       
4
       
4
       
 
       
DB_PATH=":memory:"         # The SQLite database path. Set as ":memory:" to use a temporary in-memory database.

     

       
5
       
5
       
 
       
# PUBLIC_URL=""            # Set when deployed publicly, e.g. "https://mysite.com". Informs OAuth client id.

     

       
6
       
6
       
 
       
# LOG_LEVEL="info"         # Options: 'fatal', 'error', 'warn', 'info', 'debug'

     

       
7
       
7
       
-
       
# PDS_URL="https://my.pds" # The the default PDS for login and sign-ups

     

       
7
       
7
       
+
       
# PDS_URL="https://my.pds" # The default PDS for login and sign-ups

     

       
8
       
8
       
 
       


     

       
9
       
9
       
-
       
# Secrets bellow *MUST* be set in production

     

       
9
       
9
       
+
       
# Secrets below *MUST* be set in production

     

       
10
       
10
       
 
       


     

       
11
       
11
       
 
       
# May be generated with `openssl rand -base64 33`

     

       
12
       
12
       
 
       
# COOKIE_SECRET=""

     

···

       
31
       
31
       
 
       


     

       
32
       
32
       
 
       
  // If a keyset is defined (meaning the client is confidential). Let's make

     

       
33
       
33
       
 
       
  // sure it has a private key for signing. Note: findPrivateKey will throw if

     

       
34
       
34
       
-
       
  // the keyset does no contain a suitable private key.

     

       
34
       
34
       
+
       
  // the keyset does not contain a suitable private key.

     

       
35
       
35
       
 
       
  const pk = keyset?.findPrivateKey({ use: 'sig' })

     

       
36
       
36
       
 
       


     

       
37
       
37
       
 
       
  const clientMetadata: OAuthClientMetadataInput = env.PUBLIC_URL