From 7c1931da3e4ed16016810c96a2a469dea5d80884 Mon Sep 17 00:00:00 2001 From: Mohmmed Elfateh Sabry <59346303+elfateh4@users.noreply.github.com> Date: Mon, 11 Aug 2025 03:05:17 +0300 Subject: [PATCH] Refactor Authelia configuration: remove server timeouts, update identity validation section, and add session secret for improved security --- authelia/configuration.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/authelia/configuration.yml b/authelia/configuration.yml index b8f4f39..dd10703 100644 --- a/authelia/configuration.yml +++ b/authelia/configuration.yml @@ -10,22 +10,21 @@ server: buffers: read: 4096 write: 4096 - timeouts: - read: 6s - write: 6s - idle: 30s log: level: info theme: auto +# Where to send users if they hit a protected resource without a Referer +default_redirection_url: "https://traefik.gate.3launchpad.com/" + ######################################################### -# Identity Validation +# Secrets (use env vars in production) ######################################################### -identity_validation: - reset_password: - jwt_secret: "changeme_jwt_secret" +# Prefer env vars: +# AUTHELIA_JWT_SECRET, AUTHELIA_SESSION_SECRET, AUTHELIA_STORAGE_ENCRYPTION_KEY +jwt_secret: "changeme_jwt_secret" ######################################################### # Authentication Backend (local file) @@ -77,10 +76,11 @@ access_control: session: name: authelia_session domain: "gate.3launchpad.com" - same_site: lax + same_site: lax expiration: 1h inactivity: 30m - remember_me_duration: 1M + remember_me_duration: 1M + secret: "changeme_session_secret" redis: host: redis port: 6379
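Review bot: The added `jwt_secret: "changeme_jwt_secret"` in the Secrets section, and `secret: "changeme_session_secret"` under `session:` in the second hunk, commit guessable placeholder strings as live secrets, which contradicts the "Prefer env vars" comment added just above. These values protect the signed password-reset tokens and, as far as I can tell, the session data held in Redis, so a deployment that forgets to override them runs with publicly known keys instead of failing closed. I would drop both literal lines and supply the values only through `AUTHELIA_JWT_SECRET` / `AUTHELIA_SESSION_SECRET` (or Authelia's `_FILE` secret variants), so that an unset secret should surface as a configuration error at startup. Separately, if the deployed Authelia is 4.38 or newer, top-level `jwt_secret` appears to be the deprecated spelling of the `identity_validation.reset_password.jwt_secret` key this hunk removes; please confirm against the running version.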