You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The server is working even without specifying a app.token.secret in configuration: the server ends up signing JWT using an empty secret
Steps To Reproduce
Set up a configuration file without app.token.secret being defined
Start the server
Try to connect
Expected behavior
The server should not work with an empty secret (insecure) or at least write a warning in the logs.
Theapp.token.secret is required but the error is currently not handled (ignored).
The text was updated successfully, but these errors were encountered:
Server working without a
JWTsecretThe server is working even without specifying a
app.token.secretin configuration: the server ends up signingJWTusing an empty secretSteps To Reproduce
app.token.secretbeing definedExpected behavior
The server should not work with an empty secret (
insecure) or at least write a warning in the logs.The
app.token.secretisrequiredbut the error is currently not handled (ignored).The text was updated successfully, but these errors were encountered: