fix(config): harden default JWT secret

Replace known development JWT secret placeholders with an ephemeral runtime secret during config loading.

Return LoadInfo so startup can warn when token persistence depends on a stable configured secret.

Update config docs and tests for default, legacy placeholder, custom, env, and empty secret behavior.
This commit is contained in:
2026-07-05 13:25:44 +08:00
parent 7b6587a951
commit 5eeb37389b
6 changed files with 131 additions and 16 deletions
+6 -1
View File
@@ -23,7 +23,7 @@ var serveCmd = &cobra.Command{
Short: "Start the MyGO HTTP server",
RunE: func(cmd *cobra.Command, args []string) error {
v := config.New()
cfg, err := config.Load(v, serveConfigFile)
cfg, loadInfo, err := config.Load(v, serveConfigFile)
if err != nil {
return fmt.Errorf("load config: %w", err)
}
@@ -32,6 +32,11 @@ var serveCmd = &cobra.Command{
appLogger := mygolog.NewLogger(cfg.Log)
slog.SetDefault(appLogger)
slog.Info("mygo server starting")
if loadInfo.EphemeralJWTSecret {
slog.Warn("jwt.secret is a development placeholder; using an ephemeral runtime secret. " +
"Set a stable jwt.secret or MYGO_JWT_SECRET for production, multi-instance deployments, " +
"and token persistence across restarts")
}
ctx, stop := signal.NotifyContext(context.Background(), os.Interrupt, syscall.SIGTERM)
defer stop()