Refactor JWT secret and audience retrieval to use JwtSecrets module.

swuecho · Oct 6, 2024 · 8d62579 · 8d62579
1 parent 7697a01
commit 8d62579
Showing 1 changed file with 4 additions and 3 deletions.
diff --git a/api/Note.fs b/api/Note.fs
@@ -153,9 +153,10 @@ let login: HttpHandler =
                     let passwordMatches = Auth.validatePassword password hash
                     // check if user is admin
                     let role = if user.IsSuperuser then "admin" else "user"
-
-                    let jwtKey = Util.getEnvVar "JWT_SECRET"
-                    let audience = Util.getEnvVar "JWT_AUDIENCE"
+                    let jwtAudienceName = "logbook"
+                    let secret = JwtSecrets.GetJwtSecret conn jwtAudienceName
+                    let jwtKey = secret.Secret
+                    let audience = secret.Audience
                     let issuer = "logbook-swuecho.github.com"
 
                     if passwordMatches then