fix(cli): increase generated BETTER_AUTH_SECRET length from 16 to 32 … (#10186)

Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
This commit is contained in:
moonevm
2026-06-24 23:52:53 +02:00
committed by GitHub
parent 88409b0078
commit 452bd03f74
2 changed files with 16 additions and 2 deletions

View File

@@ -25,7 +25,7 @@ export async function tryCatch<T, E = Error>(
}
export const generateSecretHash = () => {
return Crypto.randomBytes(16).toString("hex");
return Crypto.randomBytes(32).toString("hex");
};
export const spawnCommand = (cmd: string, cwd: string = process.cwd()) =>

View File

@@ -155,7 +155,7 @@ describe("initAction", () => {
return { value: true };
}
if (question.name === "providedSecret") {
return { providedSecret: "test-secret-123" };
return { providedSecret: "" };
}
if (question.name === "providedURL") {
return { providedURL: "http://localhost:3000" };
@@ -256,6 +256,20 @@ describe("initAction", () => {
.then(() => true)
.catch(() => false);
expect(envExists).toBe(true);
const envContent = await fs.readFile(envPath, "utf-8");
const line = envContent
.toString()
.split("\n")
.find((l) => l.startsWith("BETTER_AUTH_SECRET="));
expect(line).toBeDefined();
const secret = line!.split("=")[1]?.replaceAll('"', "").trim();
expect(secret).toBeDefined();
expect(secret!.length).toBeGreaterThanOrEqual(64); // 64 characters 32 hex bytes
},
);