matt/opnform-host-nginx
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Enhance JWT Authentication Middleware and Configuration

Browse Source 
- Updated the `AuthenticateJWT.php` middleware to conditionally skip IP and User Agent validation based on a new configuration setting, improving flexibility for users with dynamic IPs.
- Added a new configuration option `jwt_skip_ip_ua_validation` in `app.php` to control the validation behavior, allowing it to be set via the environment file.
- Updated documentation in `environment-variables.mdx` to include the new configuration option, ensuring users are informed about its purpose and usage.

These changes enhance the JWT authentication process by providing an option to bypass IP and User Agent validation, improving usability for self-hosted users.
This commit is contained in:
Julien Nahum
2025-05-07 08:26:33 +02:00
parent f2f5213d46
commit 6b03808d36
3 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
docs/configuration/environment-variables.mdx
View File

@@ -41,6 +41,7 @@ There are dedicated configuration pages available for more detailed setup instru
| `FRONT_API_SECRET` | Shared secret with the front-end. |
| `TELEGRAM_BOT_ID` | ID of your Telegram bot for notifications. |
| `TELEGRAM_BOT_TOKEN` | Authentication token for your Telegram bot. |
| `JWT_SKIP_IP_UA_VALIDATION` | Set to `true` to disable JWT IP and User Agent validation (defaults to `false`). Useful for dynamic IPs. |
### User Options Environment Variables