cartsnitch/auth
12
0
Fork 1
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity

fix: fail fast if BETTER_AUTH_SECRET is not set

Browse Source 
Remove hardcoded fallback secret that allowed sessions to be
signed with a well-known value if the env var was unset.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Coupon Carl
2026-03-28 10:03:39 +00:00
parent 11245744b3
commit de3ee06259
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/auth.ts
+6 -1
View File
@@ -10,10 +10,15 @@ const pool = new Pool({
"postgresql://cartsnitch:cartsnitch@localhost:5432/cartsnitch", "postgresql://cartsnitch:cartsnitch@localhost:5432/cartsnitch",
}); });
const secret = process.env.BETTER_AUTH_SECRET;
if (!secret) {
throw new Error("BETTER_AUTH_SECRET environment variable is required");
}
export const auth = betterAuth({ export const auth = betterAuth({
database: pool, database: pool,
basePath: "/auth", basePath: "/auth",
secret: process.env.BETTER_AUTH_SECRET ?? "change-me-in-production-min-32-chars!!", secret,
baseURL: process.env.BETTER_AUTH_URL ?? "http://localhost:3001", baseURL: process.env.BETTER_AUTH_URL ?? "http://localhost:3001",
emailAndPassword: { emailAndPassword: {