chore: remove password-lock; switch to ADMIN_TOKEN env; update docs

2026-05-03 16:34:41 -03:00
parent ea0d2c9370
commit ce7731cebb
4 changed files with 31 additions and 74 deletions
--- a/.env.example
+++ b/.env.example
@@ -1,12 +1,10 @@
-# Admin Credentials (REQUIRED)
-# Set a strong username and password for the admin account
-ADMIN_USERNAME=admin
-ADMIN_PASSWORD=changeme
+# Admin Token (REQUIRED)
+# Long random string used to authenticate the admin via ?adm=<token> in the URL.
+# Generate with: openssl rand -hex 32
+ADMIN_TOKEN=replace-with-32-byte-random-hex

-# JWT Secret (Optional - auto-generated if not provided)
-# For production, generate a secure random string:
-# openssl rand -base64 32
-SECRET=
+# Public base URL used by the guest CLI when generating links
+PUBLIC_BASE_URL=http://localhost:3000

 # Application Settings (Optional)
 NODE_ENV=production