Northern_Lights/NapCatQQ
1
0
Fork 0
mirror of https://github.com/NapNeko/NapCatQQ.git synced 2026-02-06 21:10:23 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Use environment variables for secret keys in dev and backend

Browse Source 
Set fixed secret keys for JWT and WebUI in development environment via environment variables. Updated backend to use NAPCAT_WEBUI_SECRET_KEY and NAPCAT_WEBUI_JWT_SECRET_KEY from environment if available, improving configurability and security.
This commit is contained in:
手瓜一十雪
2025-11-15 17:00:52 +08:00
parent a2837974fe
commit 3957d7af5a
3 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
packages/napcat-webui-backend/src/helper/SignToken.ts
View File

@@ -2,7 +2,7 @@ import crypto from 'crypto';
import store from 'napcat-common/src/store';
import type { WebUiCredentialJson, WebUiCredentialInnerJson } from '@/napcat-webui-backend/src/types';
export class AuthHelper {
private static readonly secretKey = Math.random().toString(36).slice(2);
private static readonly secretKey = process.env['NAPCAT_WEBUI_JWT_SECRET_KEY'] || Math.random().toString(36).slice(2);
/**
* 签名凭证方法。