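const crypto = require('crypto');
const fs = require('fs');
const path = require('path');

/**
 * Generate a random secret, hex-encoded, for use as a JWT signing key.
 *
 * @param {number} [length=64] - Number of random BYTES to draw from
 *   crypto.randomBytes. The returned string is twice this many characters
 *   because each byte becomes two hex digits.
 * @returns {string} Hex encoding of `length` random bytes.
 * @throws If crypto.randomBytes rejects `length` (e.g. a negative or
 *   non-numeric size).
 */
function generateJWTSecret(length = 64) {
  return crypto.randomBytes(length).toString('hex');
}

/**
 * Generate one independent secret per purpose, so that exposure of one value
 * does not reveal the others.
 *
 * @returns {{jwt_secret: string, refresh_token_secret: string, session_secret: string}}
 *   Hex strings: 64 random bytes for the two token secrets, 32 for the
 *   session secret.
 */
function generateSecrets() {
  return {
    jwt_secret: generateJWTSecret(64),
    refresh_token_secret: generateJWTSecret(64),
    session_secret: generateJWTSecret(32),
  };
}

/**
 * Set `KEY=value` in dotenv-style text.
 *
 * Only lines that BEGIN with `KEY=` are rewritten. An unanchored pattern
 * would also hit a longer name that merely contains the key (for example a
 * hypothetical `OLD_JWT_SECRET=`) or a commented-out line, leaving the real
 * entry untouched. Every matching line is rewritten so no stale duplicate
 * keeps an old value. When no line matches, the assignment is appended
 * instead of being silently skipped.
 *
 * @param {string} content - Current file text.
 * @param {string} key - Variable name.
 * @param {string} value - New value, written verbatim (no quoting applied).
 * @returns {string} Updated file text.
 */
function setEnvValue(content, key, value) {
  const escapedKey = key.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
  const linePattern = new RegExp(`^${escapedKey}=.*$`, 'gm');
  const line = `${key}=${value}`;

  let replaced = false;
  // A replacer function is used so `$` sequences in the value are never
  // interpreted as replacement patterns.
  const updated = content.replace(linePattern, () => {
    replaced = true;
    return line;
  });
  if (replaced) {
    return updated;
  }

  const separator = content === '' || content.endsWith('\n') ? '' : '\n';
  return `${content}${separator}${line}\n`;
}

/**
 * Generate fresh secrets and store the JWT secret in the `.env` file that
 * sits next to this script; if `.env.example` exists, its JWT_SECRET is set
 * to a placeholder.
 *
 * Only JWT_SECRET is written. `refresh_token_secret` and `session_secret`
 * are generated and returned to the caller but are not persisted here.
 *
 * @returns {{jwt_secret: string, refresh_token_secret: string, session_secret: string} | null}
 *   The generated secrets, or null when reading or writing a file failed.
 */
function updateEnvFile() {
  const envPath = path.join(__dirname, '.env');
  const envExamplePath = path.join(__dirname, '.env.example');

  console.log('\n🔐 Generating Secure JWT Secret...\n');

  const secrets = generateSecrets();

  // Only a 20-character prefix is echoed on the success path; the full value
  // goes to the file, not to stdout.
  console.log('Generated Secrets:');
  console.log('━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━');
  console.log('JWT_SECRET:', secrets.jwt_secret.substring(0, 20) + '...');
  console.log('Length:', secrets.jwt_secret.length, 'characters');
  console.log('━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n');

  try {
    // .env must already exist: a missing file throws here and is handled by
    // the catch block below.
    const envContent = fs.readFileSync(envPath, 'utf8');

    // The file existed before this write, so its permission bits are left as
    // they were; this script does not tighten them.
    fs.writeFileSync(envPath, setEnvValue(envContent, 'JWT_SECRET', secrets.jwt_secret));
    console.log('✅ JWT_SECRET updated in .env file\n');

    // The example file is meant to be shared, so it only ever receives a
    // placeholder, never the generated value.
    if (fs.existsSync(envExamplePath)) {
      const exampleContent = fs.readFileSync(envExamplePath, 'utf8');
      fs.writeFileSync(
        envExamplePath,
        setEnvValue(
          exampleContent,
          'JWT_SECRET',
          'your_generated_secret_key_here_change_in_production'
        )
      );
      console.log('✅ .env.example updated with placeholder\n');
    }

    console.log('⚠️ IMPORTANT: Keep your JWT secret secure!');
    console.log(' - Never commit .env to version control');
    console.log(' - Use different secrets for different environments');
    console.log(' - Rotate secrets periodically in production\n');

    return secrets;
  } catch (error) {
    console.error('❌ Error updating .env file:', error.message);
    // NOTE(review): this fallback prints the COMPLETE secret to stdout so it
    // can be pasted in by hand. Anything that captures stdout (CI logs,
    // terminal scrollback, session recordings) keeps a copy; a secret shown
    // this way should be treated as exposed to those sinks.
    console.log('\nManually add this to your .env file:');
    console.log(`JWT_SECRET=${secrets.jwt_secret}\n`);
    return null;
  }
}

// Run if called directly
if (require.main === module) {
  updateEnvFile();
}

module.exports = { generateJWTSecret, generateSecrets, updateEnvFile };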