Authentication

server.auth enables a login flow for the web UI and protects API endpoints. Authentication is JWT-based.

Fields

| Field | Type | Default | Notes |
|---|---|---|---|
| enabled | bool | false | turns auth on |
| username | string | | required when enabled: true |
| password | string | | required when enabled: true. Use env:. |
| tokenExpiration | int | | minutes before the JWT expires |
| cookies | object | | see below |

cookies

| Field | Type | Default | Notes |
|---|---|---|---|
| secure | bool | false | sets the Secure cookie flag |
| sameSite | string | | lax, strict, or none |
| domain | string | | cookie Domain attribute |

Example

server:
  secret: env:SNAPR_JWT_SECRET
  auth:
    enabled: true
    username: admin
    password: env:SNAPR_ADMIN_PASSWORD
    tokenExpiration: 1440
    cookies:
      secure: true
      sameSite: strict
      domain: snapr.example.com

Notes

  • Set server.secret whenever auth is enabled. A weak or default secret allows token forgery.
  • For HTTPS deployments behind a reverse proxy, set cookies.secure: true.
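
A pre-deployment check for the rules above, as an added example that is not part of the project's own code. It takes the config as an already-parsed dict; the function names, the env: lookup semantics and the MIN_SECRET_LEN threshold are assumptions of this example, and the sample inputs are constructed.

```python
import os

ALLOWED_SAMESITE = {"lax", "strict", "none"}  # values from the cookies table
MIN_SECRET_LEN = 32  # assumption: the page gives no minimum; threshold chosen for this example

def resolve(value, env):
    """Return (value, is_env_ref); env:NAME is looked up in env (assumed semantics)."""
    if isinstance(value, str) and value.startswith("env:"):
        return env.get(value[4:], ""), True
    return value, False

def lint_auth(config, env=None):
    """Check a parsed config dict against the rules on this page; return findings."""
    env = os.environ if env is None else env
    server = config.get("server", {})
    auth = server.get("auth", {})
    if not auth.get("enabled", False):
        return []  # auth is off, so none of the checks apply
    findings = []
    for field in ("username", "password"):
        if not auth.get(field):
            findings.append(f"auth.{field} is required when enabled: true")
    if auth.get("password") and not resolve(auth["password"], env)[1]:
        findings.append("auth.password is a literal value; use env:")
    secret, _ = resolve(server.get("secret"), env)
    if not secret:
        findings.append("server.secret is not set")
    elif len(str(secret)) < MIN_SECRET_LEN:
        findings.append("server.secret is shorter than MIN_SECRET_LEN")
    cookies = auth.get("cookies", {})
    same_site = cookies.get("sameSite")
    if same_site is not None and same_site not in ALLOWED_SAMESITE:
        findings.append("cookies.sameSite must be lax, strict, or none")
    if not cookies.get("secure", False):
        findings.append("cookies.secure is false; cookie is sent over plain HTTP too")
    return findings

# Constructed inputs: the page's example config as a dict, and a weak variant.
SAMPLE_ENV = {"SNAPR_JWT_SECRET": "k" * 48, "SNAPR_ADMIN_PASSWORD": "constructed-value"}
PAGE_EXAMPLE = {"server": {"secret": "env:SNAPR_JWT_SECRET", "auth": {
    "enabled": True, "username": "admin", "password": "env:SNAPR_ADMIN_PASSWORD",
    "tokenExpiration": 1440,
    "cookies": {"secure": True, "sameSite": "strict", "domain": "snapr.example.com"}}}}
WEAK_EXAMPLE = {"server": {"auth": {
    "enabled": True, "username": "admin", "password": "hunter2",
    "cookies": {"sameSite": "relaxed"}}}}

if __name__ == "__main__":
    for name, cfg in (("page example", PAGE_EXAMPLE), ("weak example", WEAK_EXAMPLE)):
        print(name, lint_auth(cfg, SAMPLE_ENV) or "ok")
```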