api/config: disallow JWT_SECRET
s shorter than 16 chars
This commit is contained in:
parent
43b3139b4a
commit
4efe6d9350
1 changed files with 4 additions and 0 deletions
|
@ -54,6 +54,10 @@ const env = {
|
||||||
const genericUserAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36";
|
const genericUserAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36";
|
||||||
const cobaltUserAgent = `cobalt/${version} (+https://github.com/imputnet/cobalt)`;
|
const cobaltUserAgent = `cobalt/${version} (+https://github.com/imputnet/cobalt)`;
|
||||||
|
|
||||||
|
if (env.sessionEnabled && env.jwtSecret.length < 16) {
|
||||||
|
throw new Error("JWT_SECRET env is too short (must be at least 16 characters long)");
|
||||||
|
}
|
||||||
|
|
||||||
export {
|
export {
|
||||||
env,
|
env,
|
||||||
genericUserAgent,
|
genericUserAgent,
|
||||||
|
|
Loading…
Reference in a new issue