refactoring: TypeScript migration, security fixes,

2026-06-21 22:31:46 +00:00 · 2026-03-27 18:40:18 +01:00
parent 510475a46f
commit 8396a75223
150 changed files with 8116 additions and 8467 deletions
@@ -0,0 +1,26 @@
+import crypto from 'crypto';
+import fs from 'fs';
+import path from 'path';
+
+let JWT_SECRET: string = process.env.JWT_SECRET || '';
+
+if (!JWT_SECRET) {
+  const dataDir = path.resolve(__dirname, '../data');
+  const secretFile = path.join(dataDir, '.jwt_secret');
+
+  try {
+    JWT_SECRET = fs.readFileSync(secretFile, 'utf8').trim();
+  } catch {
+    JWT_SECRET = crypto.randomBytes(32).toString('hex');
+    try {
+      if (!fs.existsSync(dataDir)) fs.mkdirSync(dataDir, { recursive: true });
+      fs.writeFileSync(secretFile, JWT_SECRET, { mode: 0o600 });
+      console.log('Generated and saved JWT secret to', secretFile);
+    } catch (writeErr: unknown) {
+      console.warn('WARNING: Could not persist JWT secret to disk:', writeErr instanceof Error ? writeErr.message : writeErr);
+      console.warn('Sessions will reset on server restart. Set JWT_SECRET env var for persistent sessions.');
+    }
+  }
+}
+
+export { JWT_SECRET };