()
| 26 | * Call once after getEncryptionKey() in initDatabase(). |
| 27 | */ |
| 28 | export async function initAuthSecrets(): Promise<void> { |
| 29 | tokenHashSecret = await getOrCreateStoredSecret({ |
| 30 | envKey: 'TOKEN_HASH_SECRET', |
| 31 | fileName: 'token_hash_secret.key', |
| 32 | awsSecretIdSuffix: 'TokenHashSecret', |
| 33 | weakDefault: WEAK_DEFAULTS.TOKEN_HASH_SECRET |
| 34 | }) |
| 35 | |
| 36 | expressSessionSecret = await getOrCreateStoredSecret({ |
| 37 | envKey: 'EXPRESS_SESSION_SECRET', |
| 38 | fileName: 'express_session_secret.key', |
| 39 | awsSecretIdSuffix: 'ExpressSessionSecret', |
| 40 | weakDefault: WEAK_DEFAULTS.EXPRESS_SESSION_SECRET |
| 41 | }) |
| 42 | |
| 43 | jwtAuthTokenSecret = await getOrCreateStoredSecret({ |
| 44 | envKey: 'JWT_AUTH_TOKEN_SECRET', |
| 45 | fileName: 'jwt_auth_token_secret.key', |
| 46 | awsSecretIdSuffix: 'JWTAuthTokenSecret', |
| 47 | weakDefault: WEAK_DEFAULTS.JWT_AUTH_TOKEN_SECRET |
| 48 | }) |
| 49 | |
| 50 | jwtRefreshTokenSecret = await getOrCreateStoredSecret({ |
| 51 | envKey: 'JWT_REFRESH_TOKEN_SECRET', |
| 52 | fileName: 'jwt_refresh_token_secret.key', |
| 53 | awsSecretIdSuffix: 'JWTRefreshTokenSecret', |
| 54 | weakDefault: WEAK_DEFAULTS.JWT_REFRESH_TOKEN_SECRET |
| 55 | }) |
| 56 | |
| 57 | jwtIssuer = await getOrCreateStoredSecret({ |
| 58 | envKey: 'JWT_ISSUER', |
| 59 | fileName: 'jwt_issuer.key', |
| 60 | awsSecretIdSuffix: 'JWTIssuer', |
| 61 | defaultValueForNew: 'flowise' |
| 62 | }) |
| 63 | |
| 64 | jwtAudience = await getOrCreateStoredSecret({ |
| 65 | envKey: 'JWT_AUDIENCE', |
| 66 | fileName: 'jwt_audience.key', |
| 67 | awsSecretIdSuffix: 'JWTAudience', |
| 68 | defaultValueForNew: 'flowise' |
| 69 | }) |
| 70 | } |
| 71 | |
| 72 | export function getTokenHashSecret(): string { |
| 73 | if (tokenHashSecret === undefined) throw new Error(NOT_INITIALIZED) |
no test coverage detected