fix(auth): JWT_SECRET is required

2025-11-12 18:06:39 +00:00 · 2025-10-01 23:48:13 +01:00
parent 9ddc27e50c
commit 9c39d83fe5
3 changed files with 16 additions and 10 deletions
--- a/backend/src/routes/authRoutes.js
+++ b/backend/src/routes/authRoutes.js
@@ -156,7 +156,10 @@ router.post(

 // Generate JWT token
 const generateToken = (userId) => {
-	return jwt.sign({ userId }, process.env.JWT_SECRET || "your-secret-key", {
+	if (!process.env.JWT_SECRET) {
+		throw new Error("JWT_SECRET environment variable is required");
+	}
+	return jwt.sign({ userId }, process.env.JWT_SECRET, {
 		expiresIn: process.env.JWT_EXPIRES_IN || "24h",
 	});
 };