fix: production readiness bugfix batch
- Security: JWT fallback removed, auth checks on unprotected endpoints - Build: tsconfig excludes tests, ESLint flat config fixed - Money: Cashout deducts balance in transaction, UI refreshes - Core Chat: Nur page wired to send/receive messages - Profile: Replaced hardcoded data with useAuth() - Forum: Fixed thread detail query, premium check on posts - Misc: /dua→/prayer, forum thread API handles ?id= param QA gate: pending
This commit is contained in:
+4
-1
@@ -1,7 +1,10 @@
|
||||
import { SignJWT, jwtVerify } from 'jose'
|
||||
import bcrypt from 'bcryptjs'
|
||||
|
||||
const JWT_SECRET = process.env.JWT_SECRET || 'dev-secret-fallback'
|
||||
const JWT_SECRET = process.env.JWT_SECRET
|
||||
if (!JWT_SECRET && process.env.NODE_ENV === 'production') {
|
||||
throw new Error('JWT_SECRET environment variable is required in production')
|
||||
}
|
||||
const secret = new TextEncoder().encode(JWT_SECRET)
|
||||
|
||||
export function hashPassword(password: string): string {
|
||||
|
||||
Reference in New Issue
Block a user