보안 강화: DB 자격증명(AppKey, Secret) 및 세션토큰(Access Token) 암호화 저장 구현 (AES-GCM/CBC), .env 정리

2026-02-03 00:08:15 +09:00
parent 4f0cc05f39
commit ed8fc0943b
15 changed files with 131 additions and 30 deletions
--- a/backend/app/core/config.py
+++ b/backend/app/core/config.py
@@ -29,6 +29,9 @@ class Settings(BaseSettings):
    # Timezone
    TIMEZONE: str = "Asia/Seoul"

+    # Encryption
+    SECRET_KEY: str = "dlrpwjdakfehlsmswl_skf!wkf!ahfmrpTDJ!@#unsafe_default_key_change_in_production_min_32_bytes"
+
    model_config = SettingsConfigDict(
        env_file=".env", 
        env_file_encoding="utf-8",