27 lines
929 B
TypeScript
27 lines
929 B
TypeScript
import crypto from 'crypto';
|
|
import fs from 'fs';
|
|
import path from 'path';
|
|
|
|
let JWT_SECRET: string = process.env.JWT_SECRET || '';
|
|
|
|
if (!JWT_SECRET) {
|
|
const dataDir = path.resolve(__dirname, '../data');
|
|
const secretFile = path.join(dataDir, '.jwt_secret');
|
|
|
|
try {
|
|
JWT_SECRET = fs.readFileSync(secretFile, 'utf8').trim();
|
|
} catch {
|
|
JWT_SECRET = crypto.randomBytes(32).toString('hex');
|
|
try {
|
|
if (!fs.existsSync(dataDir)) fs.mkdirSync(dataDir, { recursive: true });
|
|
fs.writeFileSync(secretFile, JWT_SECRET, { mode: 0o600 });
|
|
console.log('Generated and saved JWT secret to', secretFile);
|
|
} catch (writeErr: unknown) {
|
|
console.warn('WARNING: Could not persist JWT secret to disk:', writeErr instanceof Error ? writeErr.message : writeErr);
|
|
console.warn('Sessions will reset on server restart. Set JWT_SECRET env var for persistent sessions.');
|
|
}
|
|
}
|
|
}
|
|
|
|
export { JWT_SECRET };
|