90 lines
2.7 KiB
JavaScript
90 lines
2.7 KiB
JavaScript
const crypto = require('crypto');
|
|
const fs = require('fs');
|
|
const path = require('path');
|
|
|
|
/**
|
|
* Generate a secure JWT secret key
|
|
*/
|
|
function generateJWTSecret(length = 64) {
|
|
return crypto.randomBytes(length).toString('hex');
|
|
}
|
|
|
|
/**
|
|
* Generate multiple secrets for different purposes
|
|
*/
|
|
function generateSecrets() {
|
|
return {
|
|
jwt_secret: generateJWTSecret(64),
|
|
refresh_token_secret: generateJWTSecret(64),
|
|
session_secret: generateJWTSecret(32)
|
|
};
|
|
}
|
|
|
|
/**
|
|
* Update .env file with generated JWT secret
|
|
*/
|
|
function updateEnvFile() {
|
|
const envPath = path.join(__dirname, '.env');
|
|
const envExamplePath = path.join(__dirname, '.env.example');
|
|
|
|
console.log('\n🔐 Generating Secure JWT Secret...\n');
|
|
|
|
const secrets = generateSecrets();
|
|
|
|
console.log('Generated Secrets:');
|
|
console.log('━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━');
|
|
console.log('JWT_SECRET:', secrets.jwt_secret.substring(0, 20) + '...');
|
|
console.log('Length:', secrets.jwt_secret.length, 'characters');
|
|
console.log('━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n');
|
|
|
|
try {
|
|
// Read current .env file
|
|
let envContent = fs.readFileSync(envPath, 'utf8');
|
|
|
|
// Update JWT_SECRET
|
|
envContent = envContent.replace(
|
|
/JWT_SECRET=.*/,
|
|
`JWT_SECRET=${secrets.jwt_secret}`
|
|
);
|
|
|
|
// Write back to .env
|
|
fs.writeFileSync(envPath, envContent);
|
|
|
|
console.log('✅ JWT_SECRET updated in .env file\n');
|
|
|
|
// Also update .env.example with a placeholder
|
|
if (fs.existsSync(envExamplePath)) {
|
|
let exampleContent = fs.readFileSync(envExamplePath, 'utf8');
|
|
exampleContent = exampleContent.replace(
|
|
/JWT_SECRET=.*/,
|
|
`JWT_SECRET=your_generated_secret_key_here_change_in_production`
|
|
);
|
|
fs.writeFileSync(envExamplePath, exampleContent);
|
|
console.log('✅ .env.example updated with placeholder\n');
|
|
}
|
|
|
|
console.log('⚠️ IMPORTANT: Keep your JWT secret secure!');
|
|
console.log(' - Never commit .env to version control');
|
|
console.log(' - Use different secrets for different environments');
|
|
console.log(' - Rotate secrets periodically in production\n');
|
|
|
|
return secrets;
|
|
} catch (error) {
|
|
console.error('❌ Error updating .env file:', error.message);
|
|
console.log('\nManually add this to your .env file:');
|
|
console.log(`JWT_SECRET=${secrets.jwt_secret}\n`);
|
|
return null;
|
|
}
|
|
}
|
|
|
|
// Run if called directly
|
|
if (require.main === module) {
|
|
updateEnvFile();
|
|
}
|
|
|
|
module.exports = {
|
|
generateJWTSecret,
|
|
generateSecrets,
|
|
updateEnvFile
|
|
};
|