Gladyson/openmonetis
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: lazy-load BETTER_AUTH_SECRET para corrigir Docker build

Browse Source 
Validação eager do secret no top-level do módulo causava falha no
build Docker porque a env var não existe em build-time. Movido para
função getJwtSecret() chamada em runtime.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Felipe Coutinho
2026-02-15 22:35:51 +00:00
parent 89366e5c8b
commit 98dd0f11e1
4 changed files with 16 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
lib/auth/api-token.ts
View File

@@ -1,8 +1,13 @@
import crypto from "node:crypto";
const JWT_SECRET = process.env.BETTER_AUTH_SECRET;
if (!JWT_SECRET) {
throw new Error("BETTER_AUTH_SECRET is required. Set it in your .env file.");
function getJwtSecret(): string {
const secret = process.env.BETTER_AUTH_SECRET;
if (!secret) {
throw new Error(
"BETTER_AUTH_SECRET is required. Set it in your .env file.",
);
}
return secret;
}
const ACCESS_TOKEN_EXPIRY = 7 * 24 * 60 * 60; // 7 days in seconds
const REFRESH_TOKEN_EXPIRY = 90 * 24 * 60 * 60; // 90 days in seconds
@@ -59,7 +64,7 @@ function base64UrlDecode(str: string): string {
*/
function createSignature(data: string): string {
return crypto
.createHmac("sha256", JWT_SECRET)
.createHmac("sha256", getJwtSecret())
.update(data)
.digest("base64")
.replace(/\+/g, "-")