From 2cad77c8fb87bb3a3d3e87ca8d2c2676571b4b1e Mon Sep 17 00:00:00 2001
From: Maurice <mauriceboe@icloud.com>
Date: Thu, 19 Mar 2026 00:29:38 +0100
Subject: [PATCH] Auto-generate JWT_SECRET in all environments

No more crash on missing JWT_SECRET. A random secret is generated
automatically with a warning that sessions won't persist across restarts.
---
 server/src/config.js | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/server/src/config.js b/server/src/config.js
index 8ac8a18..fc9bd36 100644
--- a/server/src/config.js
+++ b/server/src/config.js
@@ -3,12 +3,8 @@ const crypto = require('crypto');
 let JWT_SECRET = process.env.JWT_SECRET;
 
 if (!JWT_SECRET) {
-  if (process.env.NODE_ENV === 'production') {
-    console.error('FATAL: JWT_SECRET environment variable is required in production.');
-    process.exit(1);
-  }
   JWT_SECRET = crypto.randomBytes(32).toString('hex');
-  console.warn('WARNING: No JWT_SECRET set — using auto-generated secret. Sessions will reset on server restart.');
+  console.warn('WARNING: No JWT_SECRET set — using auto-generated secret. Sessions will reset on server restart. Set JWT_SECRET for persistent sessions.');
 }
 
 module.exports = { JWT_SECRET };