This commit is contained in:
Ace
2026-06-24 17:35:58 +02:00
2 changed files with 8 additions and 1 deletions
+8
View File
@@ -1,4 +1,12 @@
import type { NextConfig } from "next" import type { NextConfig } from "next"
import crypto from "crypto"
// In development, generate a random JWT secret on every server start.
// This invalidates all previously issued JWT tokens, ensuring the user
// must re-authenticate after each dev server restart.
if (process.env.NODE_ENV === "development") {
process.env.JWT_SECRET = crypto.randomBytes(32).toString("hex")
}
const nextConfig: NextConfig = { const nextConfig: NextConfig = {
eslint: { eslint: {
-1
View File
@@ -201,7 +201,6 @@ export async function createSession(userId: string, role: string) {
secure: process.env.NODE_ENV === "production", secure: process.env.NODE_ENV === "production",
sameSite: "strict", sameSite: "strict",
path: "/", path: "/",
maxAge: 60 * 60 * 24, // 24 hours
}); });
return token; return token;