feat(security): enhance JWT secret auto-generation warning
Add prominent warning messages when JWT secret is auto-generated:
- Use multi-line banner format for better visibility
- Include actionable guidance for production deployments
- Update both setup.go and security_secret_bootstrap.go

This helps operators notice the security concern and take appropriate action before deploying to production.
@@ -297,7 +297,11 @@ func Install(cfg *SetupConfig) error {
|
||||
return fmt.Errorf("failed to generate jwt secret: %w", err)
|
||||
}
|
||||
cfg.JWT.Secret = secret
|
||||
logger.LegacyPrintf("setup", "%s", "Warning: JWT secret auto-generated. Consider setting a fixed secret for production.")
|
||||
// 使用更醒目的告警格式
|
||||
logger.LegacyPrintf("setup", "================================================================================")
|
||||
logger.LegacyPrintf("setup", "⚠️ SECURITY WARNING: JWT secret auto-generated")
|
||||
logger.LegacyPrintf("setup", " For production, set JWT_SECRET environment variable or jwt.secret in config.yaml")
|
||||
logger.LegacyPrintf("setup", "================================================================================")
|
||||
}
|
||||
|
||||
// Test connections
|
||||
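Review bot: The banner in Install is written as four separate `logger.LegacyPrintf` calls, so an aggregated or structured log sink receives four unrelated records, two of them bare separator lines, and other startup output can interleave with them. That leaves an alert rule with no single stable record to match. I would emit one self-contained record in the form the removed line used, `logger.LegacyPrintf("setup", "%s", "SECURITY WARNING: JWT secret auto-generated; for production set JWT_SECRET or jwt.secret in config.yaml")`, and add the separator lines around it only if console visibility is needed. The AutoSetupFromEnv hunk repeats the same four lines, so a small shared helper would keep the two messages from drifting apart, and the new comment could be in English like the neighbouring `// Test connections`. Both function bodies continue outside the hunks, so whether the generated secret is persisted, and whether `JWT_SECRET` is the name the config loader actually reads, should be confirmed there.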
@@ -594,7 +598,11 @@ func AutoSetupFromEnv() error {
|
||||
return fmt.Errorf("failed to generate jwt secret: %w", err)
|
||||
}
|
||||
cfg.JWT.Secret = secret
|
||||
logger.LegacyPrintf("setup", "%s", "Warning: JWT secret auto-generated. Consider setting a fixed secret for production.")
|
||||
// 使用更醒目的告警格式
|
||||
logger.LegacyPrintf("setup", "================================================================================")
|
||||
logger.LegacyPrintf("setup", "⚠️ SECURITY WARNING: JWT secret auto-generated")
|
||||
logger.LegacyPrintf("setup", " For production, set JWT_SECRET environment variable or jwt.secret in config.yaml")
|
||||
logger.LegacyPrintf("setup", "================================================================================")
|
||||
}
|
||||
|
||||
// Test database connection
|
||||
|
||||