mirror of
https://github.com/better-auth/better-auth.git
synced 2026-07-16 14:38:30 -05:00
fix(cli): increase generated BETTER_AUTH_SECRET length from 16 to 32 … (#10186)
Co-authored-by: Maxwell <145994855+ping-maxwell@users.noreply.github.com>
This commit is contained in:
@@ -25,7 +25,7 @@ export async function tryCatch<T, E = Error>(
|
||||
}
|
||||
|
||||
export const generateSecretHash = () => {
|
||||
return Crypto.randomBytes(16).toString("hex");
|
||||
return Crypto.randomBytes(32).toString("hex");
|
||||
};
|
||||
|
||||
export const spawnCommand = (cmd: string, cwd: string = process.cwd()) =>
|
||||
|
||||
@@ -155,7 +155,7 @@ describe("initAction", () => {
|
||||
return { value: true };
|
||||
}
|
||||
if (question.name === "providedSecret") {
|
||||
return { providedSecret: "test-secret-123" };
|
||||
return { providedSecret: "" };
|
||||
}
|
||||
if (question.name === "providedURL") {
|
||||
return { providedURL: "http://localhost:3000" };
|
||||
@@ -256,6 +256,20 @@ describe("initAction", () => {
|
||||
.then(() => true)
|
||||
.catch(() => false);
|
||||
expect(envExists).toBe(true);
|
||||
|
||||
const envContent = await fs.readFile(envPath, "utf-8");
|
||||
|
||||
const line = envContent
|
||||
.toString()
|
||||
.split("\n")
|
||||
.find((l) => l.startsWith("BETTER_AUTH_SECRET="));
|
||||
|
||||
expect(line).toBeDefined();
|
||||
|
||||
const secret = line!.split("=")[1]?.replaceAll('"', "").trim();
|
||||
|
||||
expect(secret).toBeDefined();
|
||||
expect(secret!.length).toBeGreaterThanOrEqual(64); // 64 characters 32 hex bytes
|
||||
},
|
||||
);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user