Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

what is the meaning of TOKEN_SECRET? #61

Open
vazch opened this issue May 22, 2018 · 2 comments
Open

what is the meaning of TOKEN_SECRET? #61

vazch opened this issue May 22, 2018 · 2 comments

Comments

@vazch
Copy link

vazch commented May 22, 2018

I don't understand why is it necessary? I leave "token-secret-123"
and my project works prefect, so how it works?
@jppope
Copy link

jppope commented Jul 29, 2018

@01123899 it's a cryptographic security measure, makes the application more secure when you update that to something random that no one but you knows

@dbrrt
Copy link

dbrrt commented Jan 6, 2019

@01123899 TOKEN_SECRET is the secret that'll be used to sign your tokens, if you don't change the default secret to a more secure string, you'll expose your system to anyone capable to create token with the same signature.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jppope @dbrrt @vazch