From 04d93d7d235d328ef40c9dae4e1f56dc8a5e893f Mon Sep 17 00:00:00 2001
From: Pawel Zelawski
Date: Sat, 23 May 2026 11:11:53 +0200
Subject: feat: harden demo security and add full test suite
---
 README.md | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)
(limited to 'README.md')
diff --git a/README.md b/README.md
index 7e5778c..8e72471 100644
--- a/README.md
+++ b/README.md
@@ -25,8 +25,7 @@ digiid-ts-demo/
 │ │ ├── main.tsx # Frontend entry point
 │ │ └── index.css # Global styles
 │ └── server/ # Express backend
-│ ├── main.ts # Server entry point
-│ └── utils.ts # Utility functions
+│ └── main.ts # Server entry point
 ├── public/ # Static assets
 ├── .env # Environment variables
 └── package.json # Project dependencies
@@ -54,10 +53,13 @@ digiid-ts-demo/
 ```
 3. Configure environment variables:
- Create a `.env` file in the root directory with the following variables:
+ Create a `.env` file in the root directory (you can copy from `.env.example`) with the following variables:
 ```
 PORT=3001
-PUBLIC_URL=https://your-domain.com
+PUBLIC_URL=http://localhost:3001
+VITE_API_PROXY_TARGET=http://localhost:3001
+SESSION_TTL_MS=300000
+MAX_SESSIONS=1000
 ```
 ### Running the Application
@@ -69,6 +71,13 @@ npm run dev
 This will start both the frontend and backend servers concurrently.
+### Running Tests
+
+```bash
+npm test
+npm run test:coverage
+```
+
 ## Authentication Flow
 1. User clicks "Sign in with Digi-ID" button
@@ -165,6 +174,9 @@ PUBLIC_URL=https://your-domain.com
 - `PORT`: Port number for the backend server (default: 3001)
 - `PUBLIC_URL`: The public URL of your application (required for callback handling)
+- `VITE_API_PROXY_TARGET`: Backend URL used by Vite dev proxy (default: `http://localhost:3001`)
+- `SESSION_TTL_MS`: Session expiration time in milliseconds (default: `300000`, i.e. 5 minutes)
+- `MAX_SESSIONS`: Maximum in-memory active sessions (default: `1000`)
 ## License
-- 
cgit v1.2.3