digitalboard.core

History

Simon Bärlocher a8954f525c fix(opnform): align FRONT_API_SECRET across api and ui SSR path The api service now also receives FRONT_API_SECRET so AuthenticateJWT accepts the UI's server-side JWT forwards instead of blacklisting them on UA mismatch. On the ui service the var is renamed FRONT_API_SECRET -> NUXT_API_SECRET so Nuxt's runtimeConfig.apiSecret is actually populated (NUXT_<key> convention) and injected as x-api-secret, short-circuiting the UA-fingerprint check that otherwise 401s every reload.	2026-06-02 17:05:44 +02:00
..
docker-compose.yml.j2	fix(opnform): align FRONT_API_SECRET across api and ui SSR path	2026-06-02 17:05:44 +02:00
nginx.conf.j2	feat(services): refine split-horizon OIDC routing and harden nextcloud patch	2026-06-02 13:44:08 +02:00

Simon Bärlocher a8954f525c

fix(opnform): align FRONT_API_SECRET across api and ui SSR path

The api service now also receives FRONT_API_SECRET so AuthenticateJWT
accepts the UI's server-side JWT forwards instead of blacklisting them
on UA mismatch. On the ui service the var is renamed FRONT_API_SECRET ->
NUXT_API_SECRET so Nuxt's runtimeConfig.apiSecret is actually populated
(NUXT_<key> convention) and injected as x-api-secret, short-circuiting
the UA-fingerprint check that otherwise 401s every reload.

2026-06-02 17:05:44 +02:00

docker-compose.yml.j2

fix(opnform): align FRONT_API_SECRET across api and ui SSR path

2026-06-02 17:05:44 +02:00

nginx.conf.j2

feat(services): refine split-horizon OIDC routing and harden nextcloud patch

2026-06-02 13:44:08 +02:00