fix(config): harden default JWT secret
Replace known development JWT secret placeholders with an ephemeral runtime secret during config loading. Return LoadInfo so startup can warn when token persistence depends on a stable configured secret. Update config docs and tests for default, legacy placeholder, custom, env, and empty secret behavior.
This commit is contained in:
+6
-1
@@ -23,7 +23,7 @@ var serveCmd = &cobra.Command{
|
||||
Short: "Start the MyGO HTTP server",
|
||||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
v := config.New()
|
||||
cfg, err := config.Load(v, serveConfigFile)
|
||||
cfg, loadInfo, err := config.Load(v, serveConfigFile)
|
||||
if err != nil {
|
||||
return fmt.Errorf("load config: %w", err)
|
||||
}
|
||||
@@ -32,6 +32,11 @@ var serveCmd = &cobra.Command{
|
||||
appLogger := mygolog.NewLogger(cfg.Log)
|
||||
slog.SetDefault(appLogger)
|
||||
slog.Info("mygo server starting")
|
||||
if loadInfo.EphemeralJWTSecret {
|
||||
slog.Warn("jwt.secret is a development placeholder; using an ephemeral runtime secret. " +
|
||||
"Set a stable jwt.secret or MYGO_JWT_SECRET for production, multi-instance deployments, " +
|
||||
"and token persistence across restarts")
|
||||
}
|
||||
|
||||
ctx, stop := signal.NotifyContext(context.Background(), os.Interrupt, syscall.SIGTERM)
|
||||
defer stop()
|
||||
|
||||
Reference in New Issue
Block a user