# https://www.playframework.com/documentation/latest/Configuration
play.filters.disabled += play.filters.csrf.CSRFFilter
play.filters.disabled += play.filters.hosts.AllowedHostsFilter

play.http.secret.key="QCY?tAnfk?aZ?iwrNwnxIlR6CTf:G3gf:90Latabg@5241AB`R5W:1uDFN];Ik@n"
play.http.secret.key=${?APPLICATION_SECRET}

auth {
  issuer = "knockoutwhistweb"
  audience = "ui"
  privateKeyFile = ${?PRIVATE_KEY_FILE}
  privateKeyPem  = ${?PRIVATE_KEY_PEM}
  publicKeyFile = ${?PUBLIC_KEY_FILE}
  publicKeyPem  = ${?PUBLIC_KEY_PEM}
}

play.filters.enabled += "play.filters.cors.CORSFilter"

play.filters.cors {
  allowedOrigins = ["http://localhost:5173", "http://localhost:3000"]
  allowedCredentials = true
  allowedHttpMethods = ["GET", "POST", "PUT", "DELETE", "OPTIONS"]
  allowedHttpHeaders = ["Accept", "Content-Type", "Origin", "X-Requested-With"]
}