From 30b5ff0d96a25ef21cccaebd242ef69b7c4a84d1 Mon Sep 17 00:00:00 2001
From: Sheogorath
Date: Wed, 28 Mar 2018 12:49:03 +0200
Subject: Add session data to env vars

Currently the session secret can only be set by config.json or docker
secrets. This creates a problem on Heroku hosted instances that can not
set a session secret.

Since we automatically generate them on startup this results in an
logout of all users on every config change in Heroku.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'README.md')

diff --git a/README.md b/README.md
index 0bb3845b..bdad3336 100644
--- a/README.md
+++ b/README.md
@@ -151,6 +151,8 @@ There are some config settings you need to change in the files below.
 | `HMD_ALLOW_FREEURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL |
 | `HMD_DEFAULT_PERMISSION` | `freely`, `editable`, `limited`, `locked` or `private` | set notes default permission (only applied on signed users) |
 | `HMD_DB_URL` | `mysql://localhost:3306/database` | set the database URL |
+| `HMD_SESSION_SECRET` | no example | Secret used to sign the session cookie. If non is set, one will randomly generated on startup |
+| `HMD_SESSION_LIFE` | `1209600000` | Session life time. (milliseconds) |
 | `HMD_FACEBOOK_CLIENTID` | no example | Facebook API client id |
 | `HMD_FACEBOOK_CLIENTSECRET` | no example | Facebook API client secret |
 | `HMD_TWITTER_CONSUMERKEY` | no example | Twitter API consumer key |
-- 
cgit v1.2.3