From f683f8ddbd2c08debcb6b48adc28998858e44e9a Mon Sep 17 00:00:00 2001 From: Luuc van der Zee Date: Mon, 5 Aug 2024 12:58:10 +0100 Subject: [PATCH] Get jwt secret from env var --- .gitignore | 4 +++- README.md | 4 +++- package.json | 4 ++-- utils/createIdToken.js | 4 +--- 4 files changed, 9 insertions(+), 7 deletions(-) diff --git a/.gitignore b/.gitignore index 313cb3c..01d6d89 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,6 @@ node_modules # Local VsCode config -.vscode/* \ No newline at end of file +.vscode/* + +env_files/* \ No newline at end of file diff --git a/README.md b/README.md index 25d7ba6..438f09e 100644 --- a/README.md +++ b/README.md @@ -22,7 +22,9 @@ make feature-toggle feature=fake_sso enabled=true npm i ``` -4. In both repos, run the docker compose file: +4. In this repo, create a file called `back-secret.env` in the `env_files` folder, and make sure it has the correct `FAKE_SSO_JWT_SECRET`. It should match the one in `env_files/back-secret.env` in the main repo. + +5. In both repos, run the docker compose file: ``` docker compose up diff --git a/package.json b/package.json index 0a2160f..7c45d98 100644 --- a/package.json +++ b/package.json @@ -3,7 +3,7 @@ "version": "0.0.1", "private": true, "scripts": { - "start": "nodemon ./bin/www" + "start": "nodemon ./bin/www --env-file=env_files/back-secret.env" }, "dependencies": { "cookie-parser": "~1.4.4", @@ -16,4 +16,4 @@ "nodemon": "^3.1.4", "uuid": "^10.0.0" } -} +} \ No newline at end of file diff --git a/utils/createIdToken.js b/utils/createIdToken.js index 0586cf3..8c61e84 100644 --- a/utils/createIdToken.js +++ b/utils/createIdToken.js @@ -1,9 +1,7 @@ const jose = require("jose"); const { v4: uuidv4 } = require("uuid"); -const secret = new TextEncoder().encode( - "cc7e0d44fd473002f1c42167459001140ec6389b7353f8088f4d9a95f2f596f2" -); +const secret = new TextEncoder().encode(process.env.FAKE_SSO_JWT_SECRET); const alg = "HS256";