From 6e8c28026e890774ce3edb49febde1f606aa0aee Mon Sep 17 00:00:00 2001 From: moonrailgun Date: Thu, 9 May 2024 00:58:05 +0800 Subject: [PATCH] refactor: update jwt secret generator more safe for user --- src/server/utils/common.ts | 4 ++-- src/server/utils/env.ts | 7 +++++++ 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/src/server/utils/common.ts b/src/server/utils/common.ts index 0e42802..656ebd3 100644 --- a/src/server/utils/common.ts +++ b/src/server/utils/common.ts @@ -9,6 +9,7 @@ import _ from 'lodash'; import { getWorkspaceWebsiteDateRange } from '../model/workspace'; import { isCuid } from '@paralleldrive/cuid2'; import { getMinimumUnit } from '@tianji/shared'; +import { env } from './env'; export { isCuid }; @@ -151,8 +152,7 @@ function getDataType(value: any): string { /** * Secret for auth and cacheTokenGenerate */ -export const jwtSecret = - process.env.JWT_SECRET || hashUuid(dayjs().format('YYYYMMDD')); +export const jwtSecret = env.jwtSecret; export function createToken(payload: any, secret = jwtSecret, options?: any) { return jwt.sign(payload, secret, options); diff --git a/src/server/utils/env.ts b/src/server/utils/env.ts index c72dd1f..c981a39 100644 --- a/src/server/utils/env.ts +++ b/src/server/utils/env.ts @@ -1,6 +1,13 @@ +import { v1 as uuid } from 'uuid'; + export const env = { isProd: process.env.NODE_ENV === 'production', isTest: process.env.NODE_ENV === 'test', + jwtSecret: + !process.env.JWT_SECRET || + process.env.JWT_SECRET === 'replace-me-with-a-random-string' + ? uuid() + : process.env.JWT_SECRET, port: Number(process.env.PORT || 12345), allowRegister: checkEnvTrusty(process.env.ALLOW_REGISTER), allowOpenapi: checkEnvTrusty(process.env.ALLOW_OPENAPI),