6290a3a448
states, and pulls data from the authenticated /api/v1/tenant/packages endpoint.
(resources/js/admin/pages/EventFormPage.tsx, resources/js/admin/api.ts)
- Harden tenant-admin auth flow: prevent PKCE state loss, scope out StrictMode double-processing, add SPA
routes for /event-admin/login and /event-admin/logout, and tighten token/session clearing semantics (resources/js/admin/auth/{context,tokens}.tsx, resources/js/admin/pages/{AuthCallbackPage,LogoutPage}.tsx,
resources/js/admin/router.tsx, routes/web.php)
15 lines
518 B
PHP
15 lines
518 B
PHP
<?php
|
|
|
|
return [
|
|
'keys' => [
|
|
'current_kid' => env('OAUTH_JWT_KID', 'fotospiel-jwt'),
|
|
'storage_path' => env('OAUTH_KEY_STORE', storage_path('app/oauth-keys')),
|
|
],
|
|
'refresh_tokens' => [
|
|
'enforce_ip_binding' => env('OAUTH_REFRESH_ENFORCE_IP', true),
|
|
'allow_subnet_match' => env('OAUTH_REFRESH_ALLOW_SUBNET', false),
|
|
'max_active_per_tenant' => env('OAUTH_REFRESH_MAX_ACTIVE', 5),
|
|
'audit_retention_days' => env('OAUTH_REFRESH_AUDIT_RETENTION_DAYS', 90),
|
|
],
|
|
];
|