Refactor Authelia configuration: remove server timeouts, update identity validation section, and add session secret for improved security

authelia/configuration.yml

@@ -10,21 +10,20 @@ server:
   buffers:
     read: 4096
     write: 4096
-  timeouts:
-    read: 6s
-    write: 6s
-    idle: 30s
 
 log:
   level: info
 
 theme: auto
 
+# Where to send users if they hit a protected resource without a Referer
+default_redirection_url: "https://traefik.gate.3launchpad.com/"
+
 #########################################################
-# Identity Validation
+# Secrets (use env vars in production)
 #########################################################
-identity_validation:
-  reset_password:
+# Prefer env vars:
+# AUTHELIA_JWT_SECRET, AUTHELIA_SESSION_SECRET, AUTHELIA_STORAGE_ENCRYPTION_KEY
 jwt_secret: "changeme_jwt_secret"
 
 #########################################################
@@ -81,6 +80,7 @@ session:
   expiration: 1h
   inactivity: 30m
   remember_me_duration: 1M  
+  secret: "changeme_session_secret"
   redis:
     host: redis
     port: 6379