github/Peacock
1
Fork 0
mirror of https://github.com/thepeacockproject/Peacock synced 2024-11-22 22:12:45 +01:00
Code Releases Activity

Generate random jwt secret when required

Browse Source 
Closes #310
This commit is contained in:
AnthonyFuller 2023-08-04 08:24:50 +01:00
parent 69a0e425f2
commit fc801a3319
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
components/oauthToken.ts
View File

@ -34,7 +34,7 @@ import {
writeNewUserData,
} from "./databaseHandler"
import { OfficialServerAuth, userAuths } from "./officialServerAuth"
import { randomUUID } from "crypto"
import { randomUUID, randomBytes } from "crypto"
import { clearInventoryFor } from "./inventory"
import {
EpicH1Strategy,
@ -44,6 +44,12 @@ import {
SteamH2Strategy,
SteamScpcStrategy,
} from "./entitlementStrategies"
import { getFlag } from "./flags"
const JWT_SECRET =
getFlag("developmentAllowRuntimeRestart") || PEACOCK_DEV
? "secret"
: randomBytes(32).toString("hex")
export async function handleOauthToken(
req: RequestWithJwt,
@ -123,7 +129,7 @@ export async function handleOauthToken(
}
res.json({
access_token: sign(req.jwt, "secret", signOptions),
access_token: sign(req.jwt, JWT_SECRET, signOptions),
token_type: "bearer",
expires_in: 5000,
refresh_token: randomUUID(),
@ -318,7 +324,7 @@ export async function handleOauthToken(
clearInventoryFor(req.body.pId)
res!.json({
access_token: sign(userinfo, "secret", signOptions),
access_token: sign(userinfo, JWT_SECRET, signOptions),
token_type: "bearer",
expires_in: 5000,
refresh_token: randomUUID(),