security: harden admin password change and production session headers

2026-02-07 21:37:55 +08:00
parent 7997a97a9a
commit 08864e51ba
26 changed files with 159 additions and 59 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -48,7 +48,8 @@ services:
      # 加密密钥配置（重要！防止容器重建时丢失密钥）
      - ENCRYPTION_KEY_RAW=${ENCRYPTION_KEY_RAW}
      - SESSION_LIFETIME_HOURS=24
-      - SESSION_COOKIE_SECURE=false
+      - SESSION_COOKIE_SECURE=true
+      - HTTPS_ENABLED=true
      - MAX_CAPTCHA_ATTEMPTS=5
      - MAX_IP_ATTEMPTS_PER_HOUR=10
      # 日志配置