feat(security): harden for production deployment
- auth: first registered user becomes superadmin (active immediately)
- entrypoint: no longer seeds demo data in prod (opt-in via RUN_SEED=1)
- config: refuse to boot in prod with weak/placeholder SECRET_KEY (<32 chars)
- main: restrict CORS to FRONTEND_URL only in prod (localhost dev-only)
- seed_db: block prod seeding, read passwords from env, stop printing them
- login: remove demo account credentials from UI

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@@ -41,12 +41,6 @@
|
||||
<p class="register-link">
|
||||
Don't have an account? <router-link to="/register">Register</router-link>
|
||||
</p>
|
||||
|
||||
<div class="demo-accounts">
|
||||
<p class="demo-title">Demo Accounts:</p>
|
||||
<p><strong>Admin:</strong> admin@example.com / adminpassword</p>
|
||||
<p><strong>User:</strong> user@example.com / userpassword</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</template>
|
||||
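Review bot: The two credential pairs in the removed `demo-accounts` block (admin@example.com / adminpassword and user@example.com / userpassword) have already shipped in the login template and stay in repository history, so deleting the markup does not retire them. Any database that was seeded before this change should have those accounts deleted or their passwords reset as part of the rollout, and it would be worth a startup check in prod that refuses to run while either account still exists with its old password. Separately, the unchanged `<router-link to="/register">` line stays public while the commit message says the first registered user becomes superadmin and is active immediately; on a fresh production deployment that means whoever reaches the register page first gets the admin role. Consider gating that bootstrap on an operator-supplied value (for example an admin email or one-time setup token read from the environment) and document the expected first-run procedure.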
@@ -129,24 +123,6 @@ h2 {
|
||||
text-decoration: underline;
|
||||
}
|
||||
|
||||
.demo-accounts {
|
||||
margin-top: 2rem;
|
||||
padding-top: 1.5rem;
|
||||
border-top: 1px solid var(--color-border);
|
||||
font-size: 0.9rem;
|
||||
color: var(--color-text-secondary);
|
||||
}
|
||||
|
||||
.demo-title {
|
||||
font-weight: 600;
|
||||
margin-bottom: 0.5rem;
|
||||
color: var(--color-text-primary);
|
||||
}
|
||||
|
||||
.demo-accounts p {
|
||||
margin: 0.25rem 0;
|
||||
}
|
||||
|
||||
.error {
|
||||
margin-top: 1rem;
|
||||
padding: 0.75rem;
|
||||
|
||||
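Review bot: The `.demo-accounts`, `.demo-title` and `.demo-accounts p` rules are dropped in step with the markup removed in the first hunk, which is right, but it is not visible from this hunk whether the style block is scoped to the login component. If it is not scoped, check that no other template uses these class names before merging. A small CI check that fails when the strings `adminpassword` or `userpassword` appear anywhere in the frontend sources or built bundle would keep the demo credentials from being reintroduced later.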