给所有请求都加上jwt,隐藏生成jwt的secret(放到.env中),隐藏app-secret(放在pm2运行配置文件中,后续直接读取环境配置即可)
This commit is contained in:
@@ -22,9 +22,24 @@ if [ ! -f .env ]; then
|
||||
echo "NEXT_PUBLIC_API_URL="
|
||||
echo "NEXT_PUBLIC_APP_ID="
|
||||
echo "NEXT_PUBLIC_APP_KEY="
|
||||
echo "JWT_SECRET="
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# 检查 JWT_SECRET 是否配置
|
||||
if ! grep -q "^JWT_SECRET=" .env; then
|
||||
echo "⚠️ 警告: .env 文件中未配置 JWT_SECRET!"
|
||||
echo "JWT_SECRET 用于签名和验证 JWT token,是必需的安全配置。"
|
||||
echo "请在 .env 文件中添加:"
|
||||
echo "JWT_SECRET=your-strong-random-secret-key"
|
||||
echo ""
|
||||
echo "可以使用以下命令生成强随机密钥:"
|
||||
echo "npm run generate:jwt-secret"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "✅ 环境变量检查通过"
|
||||
|
||||
# 创建日志目录
|
||||
mkdir -p logs
|
||||
|
||||
|
||||
Reference in New Issue
Block a user