liuyu/nofx
1
0
Fork 0
mirror of https://github.com/NoFxAiOS/nofx.git synced 2026-06-06 05:51:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix(scripts): prevent JWT_SECRET from splitting across multiple lines (#756)

Browse Source 
Fix setup_encryption.sh script that was causing JWT_SECRET values to wrap
onto multiple lines in .env file, leading to parse errors.
Root cause:
- openssl rand -base64 64 generates 88-character strings
- Using echo with / delimiter in sed caused conflicts with / in base64
- Long strings could wrap when written to .env
Changes:
- Changed sed delimiter from / to | to avoid conflicts with base64 chars
- Replaced echo with printf for consistent single-line output
- Added quotes around JWT_SECRET values for proper escaping
- Applied fix to all 3 locations that write JWT_SECRET
Co-authored-by: tinkle <tinkle@tinkle.community>
Co-authored-by: tinkle-community <tinklefund@gmail.com>
This commit is contained in:
tinkle-community
2025-11-08 18:06:14 +08:00
committed by GitHub
parent f7af75c657
commit a442ca420c
1 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
scripts/setup_encryption.sh
View File

@@ -190,18 +190,20 @@ if [ "$KEY_SKIPPED" != "true" ]; then
fi
if grep -q "^JWT_SECRET=" .env; then
# 使用替代分隔符避免 / 字符冲突,并用引号保护值
if [[ "$OSTYPE" == "darwin"* ]]; then
sed -i '' "s/^JWT_SECRET=.*/JWT_SECRET=$JWT_KEY/" .env
sed -i '' "s|^JWT_SECRET=.*|JWT_SECRET=\"$JWT_KEY\"|" .env
else
sed -i "s/^JWT_SECRET=.*/JWT_SECRET=$JWT_KEY/" .env
sed -i "s|^JWT_SECRET=.*|JWT_SECRET=\"$JWT_KEY\"|" .env
fi
else
echo "JWT_SECRET=$JWT_KEY" >> .env
# 使用引号确保值在同一行
printf "JWT_SECRET=\"%s\"\n" "$JWT_KEY" >> .env
fi
else
# 创建新文件
echo "DATA_ENCRYPTION_KEY=$DATA_KEY" > .env
echo "JWT_SECRET=$JWT_KEY" >> .env
printf "JWT_SECRET=\"%s\"\n" "$JWT_KEY" >> .env
fi
chmod 600 .env
echo -e "${GREEN} ✓ 密钥已保存到 .env 文件${NC}"
@@ -217,7 +219,7 @@ elif [ "$DATA_KEY_EXISTS" != "true" ] || [ "$JWT_KEY_EXISTS" != "true" ]; then
if [ "$JWT_KEY_EXISTS" != "true" ]; then
echo -e " ${CYAN}生成缺失的JWT认证密钥...${NC}"
JWT_KEY=$(openssl rand -base64 64)
echo "JWT_SECRET=$JWT_KEY" >> .env
printf "JWT_SECRET=\"%s\"\n" "$JWT_KEY" >> .env
echo -e "${GREEN} ✓ JWT认证密钥生成完成${NC}"
fi