admin/logbuch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v1.6.1: Sicherheit – Rate Limiting, Default-PW via Env, AUTH_SECRET Pflicht, Bcrypt 12

Browse Source
This commit is contained in:
Reinhard X. Fürst
2026-05-11 13:26:51 +02:00
parent 0ea960259c
commit 9bea0a11de
33 changed files with 991 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/session.ts
+4 -1
View File
@@ -4,7 +4,10 @@ import { SignJWT, jwtVerify } from 'jose';
const SESSION_COOKIE_NAME = 'logbuch_session';
const SESSION_DURATION = 60 * 60 * 1000;
const secretKey = process.env.AUTH_SECRET || 'logbuch-secret-change-in-production';
const secretKey = process.env.AUTH_SECRET;
if (!secretKey) {
throw new Error('AUTH_SECRET Umgebungsvariable ist nicht gesetzt!');
}
const key = new TextEncoder().encode(secretKey);
export interface SessionData {