Refactor JWT_SECRET handling and add setup warning page

2026-06-20 13:00:39 +00:00 · 2026-02-08 21:27:13 +08:00
parent f13ba90ebe
commit 5fc2436552
12 changed files with 1024 additions and 780 deletions
@@ -1,3 +1,5 @@
 # JWT Secret for signing tokens (required)
+# IMPORTANT: change this value before any real deployment.
 # Generate one with: openssl rand -hex 32
-JWT_SECRET=your-secret-key-herexxs22fd2ds
+# (Example only, 64 hex chars = 32 bytes)
+JWT_SECRET=Enter-your-JWT-key-here-at-least-32-characters