Joakim Mörling
3532e4d486
Replace the header "Byt lösenord" link with an Inställningar menu for changing email or password. Email changes are two-step: request with password, confirmation link to the new address, then password again on confirm so a wrong inbox cannot take over the account. - Backend: EmailChangeService, V10 email_change_tokens, confirm API - Frontend: ChangeEmailPage, ConfirmEmailChangePage, header dropdown - E2E: account-settings round-trips, Mailpit verification, wrong-password guard - Flyway: V9 restore for dev DBs, CI migration checks, V10 for email tokens Co-authored-by: Cursor <cursoragent@cursor.com>
37 lines
819 B
YAML
37 lines
819 B
YAML
spring:
|
|
flyway:
|
|
locations: classpath:db/migration,classpath:db/dev-migration
|
|
|
|
datasource:
|
|
url: jdbc:postgresql://postgres:5432/${POSTGRES_DB}
|
|
driver-class-name: org.postgresql.Driver
|
|
username: ${POSTGRES_USER}
|
|
password: ${POSTGRES_PASSWORD}
|
|
|
|
h2:
|
|
console:
|
|
enabled: false
|
|
|
|
jpa:
|
|
database-platform: org.hibernate.dialect.PostgreSQLDialect
|
|
|
|
mail:
|
|
properties:
|
|
mail:
|
|
smtp:
|
|
auth: false
|
|
starttls:
|
|
enable: false
|
|
|
|
app:
|
|
payment:
|
|
swish-number: ${SWISH_NUMBER:0700000000}
|
|
letter-price: 49
|
|
jwt:
|
|
secret: ${JWT_SECRET}
|
|
public-base-url: ${APP_PUBLIC_BASE_URL:http://frontend}
|
|
# E2E only: never enable in production (see application-prod.yml).
|
|
password-reset:
|
|
expose-token: true
|
|
email-change:
|
|
expose-token: true
|