Use environment variables for secret keys in dev and backend

Set fixed secret keys for JWT and WebUI in development environment via environment variables. Updated backend to use NAPCAT_WEBUI_SECRET_KEY and NAPCAT_WEBUI_JWT_SECRET_KEY from environment if available, improving configurability and security.
2026-02-06 21:10:23 +00:00 · 2025-11-15 17:00:52 +08:00
parent c4335a8193
commit a20e0eb18d
3 changed files with 5 additions and 3 deletions
--- a/packages/napcat-develop/loadNapCat.cjs
+++ b/packages/napcat-develop/loadNapCat.cjs
@@ -74,7 +74,9 @@ async function copyAll () {
  process.env.NAPCAT_QQ_VERSION_CONFIG_PATH = path.join(TARGET_DIR, 'config.json');
  process.env.NAPCAT_DISABLE_PIPE = '1';
  process.env.NAPCAT_WORKDIR = TARGET_DIR;
-
+  // 开发环境使用固定密钥
+  process.env.NAPCAT_WEBUI_JWT_SECRET_KEY = 'napcat_dev_secret_key';
+  process.env.NAPCAT_WEBUI_SECRET_KEY = 'napcat';
  console.log('Loading NapCat module...');
  await import(pathToFileURL(NAPCAT_MJS_PATH).href);
 }