feat: Add ALLOW_REGISTRATION configuration to enable/disable user registration and introduce a Forbidden API error type.

2025-12-25 23:05:26 +01:00
parent bb15181817
commit 0af7294468
7 changed files with 39 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -60,8 +60,18 @@ The frontend is automatically configured to talk to the backend.
 cargo run -p notes-api
 ```

+
 By default, this uses the **SQLite** backend.

+#### Configuration
+
+The application is configured via environment variables (or `.env` file):
+
+-   `ALLOW_REGISTRATION`: Set to `false` to disable new user registration (default: `true`).
+-   `DATABASE_URL`: Connection string for the database.
+-   `SESSION_SECRET`: Secret key for session encryption.
+-   `CORS_ALLOWED_ORIGINS`: Comma-separated list of allowed origins.
+
 **Running with Postgres:**

 To use PostgreSQL, build with the `postgres` feature: