feat: enhance CORS configuration and implement throttling for API endpoints; add admin role checks in controllers
This commit is contained in:
Nils-Johan Gynther
@@ -23,6 +23,8 @@ MISTRAL_API_KEY=
|
||||
# Publik URL (används av frontend)
|
||||
NEXT_PUBLIC_APP_URL=https://recept.gynther.se
|
||||
NEXT_PUBLIC_API_URL=https://recept.gynther.se
|
||||
# CORS — tillåtna origins för backend-API (normalt samma som APP_URL)
|
||||
ALLOWED_ORIGIN=https://recept.gynther.se
|
||||
|
||||
# Bootstrap-användare (skapas/uppdateras vid appstart)
|
||||
ADMIN_NADMIN_PASSWORD=byt-ut-mig
|
||||
|
||||
Reference in New Issue
Block a user