Code review fixes, Docker, and deployment config
- Fix tsconfig: switch to ESNext/Bundler module resolution (tsx compatible) - Sanitize file extensions against path traversal (^.[a-zA-Z0-9]+$ only) - Sanitize Content-Disposition filename to prevent header injection - Extract tokenCookieOptions helper to eliminate duplication across auth handlers - Remove unused baseUrl param from fileListPage - Add Dockerfile (multi-stage build with alpine + native tools for bcrypt) - Add docker-compose.yml with named volume for data persistence - Add .env.example with all environment variables documented Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
11
.env.example
Normal file
11
.env.example
Normal file
@@ -0,0 +1,11 @@
|
||||
PORT=3000
|
||||
HOST=0.0.0.0
|
||||
JWT_SECRET=change-me-to-a-long-random-secret
|
||||
JWT_EXPIRY=7d
|
||||
DB_PATH=./data/nanodrop.db
|
||||
UPLOAD_DIR=./data/uploads
|
||||
LOG_FILE=./data/nanodrop.log
|
||||
MAX_FILE_SIZE=104857600
|
||||
BASE_URL=http://localhost:3000
|
||||
COOKIE_SECURE=false
|
||||
TRUST_PROXY=false
|
||||
Reference in New Issue
Block a user