hubert/SimpleNotes
1
0
Fork 0
Code Projects Releases Activity

Use different JWT secret for auth and refresh tokens..

Browse Source
This commit is contained in:
Hubert Van De Walle
2020-06-15 16:51:37 +02:00
parent 11740e5986
commit 7c364c7295
3 changed files with 8 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
api/resources/application.dev.yaml
+2 -1
View File
@@ -11,11 +11,12 @@ server:
cors: true
jwt:
secret: 9Io9kvgIedOcLdUvKl31OKf51jdTZcFHJFgqvEpfJuI= # Can be generated with `openssl rand -base64 32`
auth:
secret: uiqzRNiMYwbObn/Ps5xTasYVeu/63ZuI+1oB98Ez+lY=
validity: 1
unit: HOURS
refresh:
secret: wWchkx44YGig4Q5Z7b7+E/3ymGEGd6PS7UGedMul3bg=
validity: 15
unit: DAYS
api/resources/application.prod.yaml
+2 -1
View File
@@ -11,11 +11,12 @@ server:
cors: ${CORS:-true}
jwt:
secret: ${JWT_SECRET} # Can be generated with `openssl rand -base64 32`
auth:
secret: ${JWT_SECRET} # Can be generated with `openssl rand -base64 32`
validity: 1
unit: HOURS
refresh:
secret: ${JWT_REFRESH_SECRET} # Can be generated with `openssl rand -base64 32`
validity: 15
unit: DAYS