laardee / serverless-authentication-boilerplate

Generic authentication boilerplate for Serverless framework
http://laardee.github.io/serverless-authentication-gh-pages
MIT License

what is the meaning of TOKEN_SECRET? #61

Open vazch opened 6 years ago

vazch commented 6 years ago

I don't understand why it is necessary. I leave "token-secret-123" and my project works perfectly, so how does it work?

jppope commented 5 years ago

@01123899 it's a cryptographic security measure, makes the application more secure when you update that to something random that no one but you knows

dbrrt commented 5 years ago

@01123899 TOKEN_SECRET is the secret that'll be used to sign your tokens. If you don't change the default secret to a more secure string, you'll expose your system to anyone capable of creating a token with the same signature.
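
The point made in the answers above, as an added example that is not part of the original thread or the project's code: a service left on the default secret accepts any token signed with that public value, while one using a private random secret rejects it. The HS256-style token layout and the `assertStrongSecret` startup guard are assumptions for illustration; the page does not show the project's actual token format.

```javascript
const crypto = require('crypto');

const DEFAULT_SECRET = 'token-secret-123'; // default value quoted in this issue

const b64url = (buf) => Buffer.from(buf).toString('base64url');

// Sign a payload HS256-style: header.payload.HMAC(secret, header.payload)
function signToken(payload, secret) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  const mac = crypto.createHmac('sha256', secret).update(`${head}.${body}`).digest();
  return `${head}.${body}.${b64url(mac)}`;
}

// Return the payload if the signature matches under `secret`, otherwise null.
function verifyToken(token, secret) {
  const parts = token.split('.');
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  const expected = crypto.createHmac('sha256', secret).update(`${head}.${body}`).digest();
  const given = Buffer.from(sig, 'base64url');
  // Constant-time comparison; lengths must match before timingSafeEqual.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  try { return JSON.parse(Buffer.from(body, 'base64url').toString('utf8')); }
  catch { return null; }
}

// Hypothetical startup guard: refuse the shipped default and short secrets.
function assertStrongSecret(secret) {
  if (!secret || secret === DEFAULT_SECRET || secret.length < 32) {
    throw new Error('TOKEN_SECRET must be a private random value of 32+ characters');
  }
  return secret;
}

// Constructed sample: a token created outside the service with the public default.
const outsideToken = signToken({ id: 'constructed-user' }, DEFAULT_SECRET);
const randomSecret = crypto.randomBytes(32).toString('hex'); // 64 hex characters

// Compare how the two deployments treat the same token.
function demo() {
  return {
    acceptedWithDefault: verifyToken(outsideToken, DEFAULT_SECRET) !== null,
    acceptedWithRandom: verifyToken(outsideToken, randomSecret) !== null,
  };
}
```

Calling `assertStrongSecret(process.env.TOKEN_SECRET)` once at startup makes a deployment that still carries the default fail immediately instead of running with a publicly known signing key.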