Read admin password from env var in production

api/App/Program.cs

@@ -25,6 +25,13 @@ public class Program
         var authOptions = builder.Configuration.GetSection("Auth").Get<AuthOptions>()
             ?? throw new InvalidOperationException("Auth configuration was not found.");
 
+        if (builder.Environment.IsProduction())
+        {
+            authOptions.Admin.Password =
+                Environment.GetEnvironmentVariable("KLAPI_ADMIN_PASSWORD")
+                ?? throw new InvalidOperationException("Admin password must be set in production environment using KLAPI_ADMIN_PASSWORD environment variable.");
+        }
+
         if (string.IsNullOrWhiteSpace(authOptions.SigningKey) || authOptions.SigningKey.Length < 32)
         {
             throw new InvalidOperationException("Auth:SigningKey must be at least 32 characters long.");

api/App/appsettings.json

@@ -12,15 +12,10 @@
     "Issuer": "klapi-api",
     "Audience": "klapi-ui",
     "SigningKey": "change-this-to-a-long-random-32-char-minimum-key",
-    "AllowedOrigins": [
+    "AllowedOrigins": ["https://klapi.tietokonepaja.fi"],
-      "http://localhost:5173",
-      "http://127.0.0.1:5173",
-      "http://localhost:4173",
-      "http://127.0.0.1:4173"
-    ],
     "Admin": {
       "Username": "admin",
-      "Password": "changeme",
+      "Password": "<set in env var KLAPI_ADMIN_PASSWORD>",
       "DisplayName": "Administrator"
     }
   },