use secure default session secret

main
Cogent Apps 2023-03-17 18:27:13 +00:00
parent 174feea1b5
commit b0d8d5c20d
2 changed files with 7 additions and 2 deletions


@ -1,10 +1,13 @@
import crypto from 'crypto';
import { auth, ConfigParams } from 'express-openid-connect';
import ChatServer from './index';
const secret = process.env.AUTH_SECRET || crypto.randomBytes(32).toString('hex');
const config: ConfigParams = {
authRequired: false,
auth0Logout: false,
secret: process.env.AUTH_SECRET || 'keyboard cat',
secret,
baseURL: process.env.PUBLIC_URL,
clientID: process.env.AUTH0_CLIENT_ID,
issuerBaseURL: process.env.AUTH0_ISSUER,
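Review bot: The fallback in `const secret = process.env.AUTH_SECRET || crypto.randomBytes(32).toString('hex');` is generated afresh by each process, so when AUTH_SECRET is unset every restart invalidates existing session cookies and separate instances cannot validate each other's cookies, and nothing tells the operator this is happening. The same line is added in the passport file, where it yields a second, independent random value and where sessions are persisted in `sessions.db`, so stored sessions would stop matching their cookies after a restart. Consider logging once when the fallback is taken, e.g. `if (!process.env.AUTH_SECRET) console.warn('AUTH_SECRET is not set; using an ephemeral session secret');`, and deriving the value in one shared module that both files import. The `config` object continues past the end of this hunk.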


@ -5,6 +5,8 @@ import createSQLiteSessionStore from 'connect-sqlite3';
import { Strategy as LocalStrategy } from 'passport-local';
import ChatServer from './index';
const secret = process.env.AUTH_SECRET || crypto.randomBytes(32).toString('hex');
export function configurePassport(context: ChatServer) {
const SQLiteStore = createSQLiteSessionStore(session);
const sessionStore = new SQLiteStore({ db: 'sessions.db' });
@ -42,7 +44,7 @@ export function configurePassport(context: ChatServer) {
});
context.app.use(session({
secret: process.env.AUTH_SECRET || 'keyboard cat',
secret,
resave: false,
saveUninitialized: false,
store: sessionStore as any,
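Review bot: `crypto.randomBytes` is called on the added `const secret` line, but no import of Node's `crypto` module is visible in this file's hunks; the file's first four lines are outside them, so the import may already exist there. If it does not, add `import crypto from 'crypto';` as the other file in this commit does, because the global `crypto` in recent Node versions is the Web Crypto object, which has no `randomBytes`. The body of `configurePassport` starts and ends outside the hunks shown.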