mirror of
https://github.com/orangecoding/fredy.git
synced 2026-06-16 12:31:07 +00:00
security update
This commit is contained in:
@@ -67,6 +67,19 @@ export async function getSettings() {
|
||||
return cachedSettingsConfig;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get or create a persistent session signing secret.
|
||||
* Generated once and stored in the settings table under the key 'session_secret'.
|
||||
* @returns {Promise<string>}
|
||||
*/
|
||||
export async function getOrCreateSessionSecret() {
|
||||
const settings = await getSettings();
|
||||
if (settings.session_secret) return settings.session_secret;
|
||||
const secret = nanoid(64);
|
||||
upsertSettings({ session_secret: secret });
|
||||
return secret;
|
||||
}
|
||||
|
||||
/**
|
||||
* Upsert settings rows.
|
||||
* - Accepts an object map of name -> value, or an entry {name, value}.
|
||||
|
||||
Reference in New Issue
Block a user