Dokploy/dokploy
1
0
Fork 0
mirror of https://github.com/Dokploy/dokploy.git synced 2026-06-15 20:25:23 +02:00
Code Issues Packages Projects Releases Wiki Activity

refactor: replace BETTER_AUTH_SECRET with betterAuthSecret in forward-auth setup

Browse Source
This commit is contained in:
Mauricio Siu
2026-06-07 00:28:57 -06:00
parent a0288f83d5
commit 0f77c40ee3
1 changed files with 2 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
packages/server/src/setup/forward-auth-setup.ts
View File

@@ -1,5 +1,6 @@
import { createHmac } from "node:crypto"; import { createHmac } from "node:crypto";
import type { CreateServiceOptions } from "dockerode"; import type { CreateServiceOptions } from "dockerode";
import { betterAuthSecret } from "../lib/auth-secret";
import { getRemoteDocker } from "../utils/servers/remote-docker"; import { getRemoteDocker } from "../utils/servers/remote-docker";
export const FORWARD_AUTH_SERVICE_NAME = "dokploy-forward-auth"; export const FORWARD_AUTH_SERVICE_NAME = "dokploy-forward-auth";
@@ -37,13 +38,7 @@ export const forwardAuthCallbackUrl = (
): string => `${https ? "https" : "http"}://${authDomain}/oauth2/callback`; ): string => `${https ? "https" : "http"}://${authDomain}/oauth2/callback`;
export const deriveCookieSecret = (salt: string): string => { export const deriveCookieSecret = (salt: string): string => {
const rootSecret = process.env.BETTER_AUTH_SECRET; return createHmac("sha256", betterAuthSecret)
if (!rootSecret) {
throw new Error(
"BETTER_AUTH_SECRET is required to derive the forward-auth cookie secret",
);
}
return createHmac("sha256", rootSecret)
.update(`forward-auth:${salt}`) .update(`forward-auth:${salt}`)
.digest("base64"); .digest("base64");
}; };