diff --git a/packages/nocodb/src/Noco.ts b/packages/nocodb/src/Noco.ts index e6c1fea34a..2729331a21 100644 --- a/packages/nocodb/src/Noco.ts +++ b/packages/nocodb/src/Noco.ts @@ -6,8 +6,9 @@ import NcToolGui from 'nc-lib-gui'; import { IoAdapter } from '@nestjs/platform-socket.io'; import requestIp from 'request-ip'; import cookieParser from 'cookie-parser'; +import { T } from 'nc-help'; +import { v4 as uuidv4 } from 'uuid'; import { AppModule } from './app.module'; - import { NC_LICENSE_KEY } from './constants'; import Store from './models/Store'; import type { IEventEmitter } from './modules/event-emitter/event-emitter.interface'; @@ -125,4 +126,41 @@ export default class Noco { public static get server(): Express { return Noco._server; } + + public static async initJwt(): Promise { + if (this.config?.auth?.jwt) { + if (!this.config.auth.jwt.secret) { + let secret = ( + await Noco._ncMeta.metaGet('', '', 'nc_store', { + key: 'nc_auth_jwt_secret', + }) + )?.value; + if (!secret) { + await Noco._ncMeta.metaInsert('', '', 'nc_store', { + key: 'nc_auth_jwt_secret', + value: (secret = uuidv4()), + }); + } + this.config.auth.jwt.secret = secret; + } + + this.config.auth.jwt.options = this.config.auth.jwt.options || {}; + if (!this.config.auth.jwt.options?.expiresIn) { + this.config.auth.jwt.options.expiresIn = + process.env.NC_JWT_EXPIRES_IN ?? '10h'; + } + } + let serverId = ( + await Noco._ncMeta.metaGet('', '', 'nc_store', { + key: 'nc_server_id', + }) + )?.value; + if (!serverId) { + await Noco._ncMeta.metaInsert('', '', 'nc_store', { + key: 'nc_server_id', + value: (serverId = T.id), + }); + } + process.env.NC_SERVER_UUID = serverId; + } } diff --git a/packages/nocodb/src/app.module.ts b/packages/nocodb/src/app.module.ts index 5c9c908ccf..448dd1adf0 100644 --- a/packages/nocodb/src/app.module.ts +++ b/packages/nocodb/src/app.module.ts @@ -98,6 +98,9 @@ export class AppModule implements OnApplicationBootstrap { Noco.config = this.connection.config; Noco.eventEmitter = this.eventEmitter; + // init jwt secret + await Noco.initJwt(); + // init plugin manager await NcPluginMgrv2.init(Noco.ncMeta); await Noco.loadEEState(); diff --git a/packages/nocodb/src/utils/NcConfigFactory.ts b/packages/nocodb/src/utils/NcConfigFactory.ts index 5fd54e6676..5a9222d998 100644 --- a/packages/nocodb/src/utils/NcConfigFactory.ts +++ b/packages/nocodb/src/utils/NcConfigFactory.ts @@ -100,7 +100,7 @@ export default class NcConfigFactory { ncConfig.auth = { jwt: { - secret: process.env.NC_AUTH_JWT_SECRET ?? 'temporary-key', + secret: process.env.NC_AUTH_JWT_SECRET, }, }; @@ -421,7 +421,7 @@ export default class NcConfigFactory { if (process.env.NC_AUTH_ADMIN_SECRET) { config.auth = { masterKey: { - secret: process.env.NC_AUTH_ADMIN_SECRET ?? 'temporary-key', + secret: process.env.NC_AUTH_ADMIN_SECRET, }, }; } else if (process.env.NC_NO_AUTH) { @@ -436,7 +436,7 @@ export default class NcConfigFactory { dbAlias: process.env.NC_AUTH_JWT_DB_ALIAS || config.envs['_noco'].db[0].meta.dbAlias, - secret: process.env.NC_AUTH_JWT_SECRET ?? 'temporary-key', + secret: process.env.NC_AUTH_JWT_SECRET, }, }; } @@ -536,7 +536,7 @@ export default class NcConfigFactory { if (process.env.NC_AUTH_ADMIN_SECRET) { config.auth = { masterKey: { - secret: process.env.NC_AUTH_ADMIN_SECRET ?? 'temporary-key', + secret: process.env.NC_AUTH_ADMIN_SECRET, }, }; } else if (process.env.NC_NO_AUTH) { @@ -551,7 +551,7 @@ export default class NcConfigFactory { dbAlias: process.env.NC_AUTH_JWT_DB_ALIAS || config.envs['_noco'].db[0].meta.dbAlias, - secret: process.env.NC_AUTH_JWT_SECRET ?? 'temporary-key', + secret: process.env.NC_AUTH_JWT_SECRET, }, }; }