From b904397599a9348de4a2939452f13cb3b8b77cd7 Mon Sep 17 00:00:00 2001 From: martmull Date: Thu, 19 Oct 2023 11:07:40 +0200 Subject: [PATCH] Fix api keys (#2116) * Distinguish local env variables * Remove api token secret --- render.yaml | 2 -- server/.env.example | 7 +++---- server/.env.test | 1 - server/src/core/api-key/api-key.service.ts | 2 +- server/src/integrations/environment/environment.service.ts | 4 ---- .../src/integrations/environment/environment.validation.ts | 2 -- 6 files changed, 4 insertions(+), 14 deletions(-) diff --git a/render.yaml b/render.yaml index f0580091e..4411c52df 100644 --- a/render.yaml +++ b/render.yaml @@ -26,8 +26,6 @@ services: generateValue: true - key: LOGIN_TOKEN_SECRET generateValue: true - - key: API_TOKEN_SECRET - generateValue: true - key: REFRESH_TOKEN_SECRET generateValue: true - key: PG_DATABASE_HOST diff --git a/server/.env.example b/server/.env.example index c580e25fd..0f5546ca3 100644 --- a/server/.env.example +++ b/server/.env.example @@ -4,10 +4,9 @@ PG_DATABASE_URL=postgres://twenty:twenty@localhost:5432/default?connection_limit # PG_DATABASE_URL=postgres://twenty:twenty@postgres:5432/default?connection_limit=1 FRONT_BASE_URL=http://localhost:3001 -ACCESS_TOKEN_SECRET=replace_me_with_a_random_string -LOGIN_TOKEN_SECRET=replace_me_with_a_random_string -API_TOKEN_SECRET=replace_me_with_a_random_string -REFRESH_TOKEN_SECRET=replace_me_with_a_random_string +ACCESS_TOKEN_SECRET=replace_me_with_a_random_string_access +LOGIN_TOKEN_SECRET=replace_me_with_a_random_string_login +REFRESH_TOKEN_SECRET=replace_me_with_a_random_string_refresh SIGN_IN_PREFILLED=true # ———————— Optional ———————— diff --git a/server/.env.test b/server/.env.test index 0ba1ed8b9..a976e6eaf 100644 --- a/server/.env.test +++ b/server/.env.test @@ -8,7 +8,6 @@ FRONT_BASE_URL=http://localhost:3001 # random keys used to generate JWT tokens ACCESS_TOKEN_SECRET=secret_jwt LOGIN_TOKEN_SECRET=secret_login_tokens -API_TOKEN_SECRET=secret_api_tokens REFRESH_TOKEN_SECRET=secret_refresh_token diff --git a/server/src/core/api-key/api-key.service.ts b/server/src/core/api-key/api-key.service.ts index 208d9b9cb..2c0879ada 100644 --- a/server/src/core/api-key/api-key.service.ts +++ b/server/src/core/api-key/api-key.service.ts @@ -29,7 +29,7 @@ export class ApiKeyService { name: string, expiresAt?: Date | string, ): Promise { - const secret = this.environmentService.getApiTokenSecret(); + const secret = this.environmentService.getAccessTokenSecret(); let expiresIn: string | number; let expirationDate: Date; const now = new Date().getTime(); diff --git a/server/src/integrations/environment/environment.service.ts b/server/src/integrations/environment/environment.service.ts index 399398b36..9fc60e966 100644 --- a/server/src/integrations/environment/environment.service.ts +++ b/server/src/integrations/environment/environment.service.ts @@ -69,10 +69,6 @@ export class EnvironmentService { return this.configService.get('LOGIN_TOKEN_SECRET')!; } - getApiTokenSecret(): string { - return this.configService.get('API_TOKEN_SECRET')!; - } - getLoginTokenExpiresIn(): string { return this.configService.get('LOGIN_TOKEN_EXPIRES_IN') ?? '15m'; } diff --git a/server/src/integrations/environment/environment.validation.ts b/server/src/integrations/environment/environment.validation.ts index 05a02ae92..5a1135092 100644 --- a/server/src/integrations/environment/environment.validation.ts +++ b/server/src/integrations/environment/environment.validation.ts @@ -82,8 +82,6 @@ export class EnvironmentVariables { @IsString() LOGIN_TOKEN_SECRET: string; - @IsString() - API_TOKEN_SECRET: string; @IsDuration() @IsOptional() LOGIN_TOKEN_EXPIRES_IN: string;