It might be helpful to deploy this app to a production environment.
Similar to other example login.gov client applications, there is an opportunity to deploy it to a login.gov sub-domain, for inclusion in the identity-dashboard and for more realistic client demonstration purposes.
Also, preparing the app to be deployed to production might prove useful for developers looking to adapt this app in the future, decreasing the effort required on their part.
If deploying to production, some considerations include session security and server logging. And identity-idp will need to be re-configured to recognize the new environment. And devops will probably need to help set up the subdomain.
It might be helpful to deploy this app to a production environment.
Similar to other example login.gov client applications, there is an opportunity to deploy it to a login.gov sub-domain, for inclusion in the identity-dashboard and for more realistic client demonstration purposes.
Also, preparing the app to be deployed to production might prove useful for developers looking to adapt this app in the future, decreasing the effort required on their part.
If deploying to production, some considerations include session security and server logging. And identity-idp will need to be re-configured to recognize the new environment. And devops will probably need to help set up the subdomain.
Express Secure Sessions Reference: