diff --git a/next.config.ts b/next.config.ts index 3850d87..2e27cc2 100644 --- a/next.config.ts +++ b/next.config.ts @@ -1,10 +1,4 @@ import type { NextConfig } from "next" -import crypto from "crypto" - -// Generate a random JWT secret on every dev server start to invalidate all prior sessions -if (process.env.NODE_ENV !== "production") { - process.env.JWT_SECRET = crypto.randomUUID() -} const nextConfig: NextConfig = { eslint: { diff --git a/src/lib/auth.ts b/src/lib/auth.ts index 1f395cf..8013752 100644 --- a/src/lib/auth.ts +++ b/src/lib/auth.ts @@ -2,8 +2,11 @@ import { SignJWT, jwtVerify } from "jose"; import bcrypt from "bcryptjs"; import { query } from "@/lib/db"; import { cookies } from "next/headers"; +import crypto from "crypto"; -const RAW_SECRET = process.env.JWT_SECRET; +const RAW_SECRET = process.env.NODE_ENV === "production" + ? process.env.JWT_SECRET + : crypto.randomUUID(); if (!RAW_SECRET) { throw new Error("JWT_SECRET environment variable is required"); }