search

nhost / hasura-backend-plus

🔑Auth and 📦Storage for Hasura. The quickest way to get Auth and Storage working for your next app based on Hasura.
https://nhost.github.io/hasura-backend-plus/
MIT License
1.17k stars 187 forks source link

Mandatory env vars #580

Closed komninoschatzipapas closed 3 years ago

komninoschatzipapas commented 3 years ago

Resolves #564.

nikolowry commented 3 years ago

@elitan @komninoschat was it an oversight to make JWT_KEYrequired? I'd always relied on the auto-generated keys as described by JWT_KEY_FILE_PATH's description on https://github.com/nhost/hasura-backend-plus/blob/master/docs/configuration.md#authentication-1.

These new requirements make it impossible to omit JWT_KEY, which then cripples the auto-generated keys when JWT_KEY_FILE_PATH is not found.

Also, printing false in the startup logs when a required key is set is somewhat confusing: https://github.com/nhost/hasura-backend-plus/pull/580/files#diff-519a60f474e147c533c650d0c172a1112ccf306cdcd2d77558ae6d7cc0f84c5fR30. Is there not a better way to assert that the requirement was met? Does it concern anyone that secrets are being printed in plaintext in the logs?

Should I open a new issue for these?

komninoschatzipapas commented 3 years ago

@nikolowry Hey, thanks for bringing the JWT_KEY bug to our attention. The other console.log was just a debug leftover. Will fix both today.

Marcisbee commented 3 years ago

@komninoschat Any news on this? This still seem to be broken when using jwk_url in hasura configuration.