From a442ca420c029afbf5280534aca18515369ffe22 Mon Sep 17 00:00:00 2001 From: tinkle-community Date: Sat, 8 Nov 2025 18:06:14 +0800 Subject: [PATCH] fix(scripts): prevent JWT_SECRET from splitting across multiple lines (#756) Fix setup_encryption.sh script that was causing JWT_SECRET values to wrap onto multiple lines in .env file, leading to parse errors. Root cause: - openssl rand -base64 64 generates 88-character strings - Using echo with / delimiter in sed caused conflicts with / in base64 - Long strings could wrap when written to .env Changes: - Changed sed delimiter from / to | to avoid conflicts with base64 chars - Replaced echo with printf for consistent single-line output - Added quotes around JWT_SECRET values for proper escaping - Applied fix to all 3 locations that write JWT_SECRET Co-authored-by: tinkle Co-authored-by: tinkle-community --- scripts/setup_encryption.sh | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/scripts/setup_encryption.sh b/scripts/setup_encryption.sh index 506c7b95..ec371063 100755 --- a/scripts/setup_encryption.sh +++ b/scripts/setup_encryption.sh @@ -190,18 +190,20 @@ if [ "$KEY_SKIPPED" != "true" ]; then fi if grep -q "^JWT_SECRET=" .env; then + # 使用替代分隔符避免 / 字符冲突,并用引号保护值 if [[ "$OSTYPE" == "darwin"* ]]; then - sed -i '' "s/^JWT_SECRET=.*/JWT_SECRET=$JWT_KEY/" .env + sed -i '' "s|^JWT_SECRET=.*|JWT_SECRET=\"$JWT_KEY\"|" .env else - sed -i "s/^JWT_SECRET=.*/JWT_SECRET=$JWT_KEY/" .env + sed -i "s|^JWT_SECRET=.*|JWT_SECRET=\"$JWT_KEY\"|" .env fi else - echo "JWT_SECRET=$JWT_KEY" >> .env + # 使用引号确保值在同一行 + printf "JWT_SECRET=\"%s\"\n" "$JWT_KEY" >> .env fi else # 创建新文件 echo "DATA_ENCRYPTION_KEY=$DATA_KEY" > .env - echo "JWT_SECRET=$JWT_KEY" >> .env + printf "JWT_SECRET=\"%s\"\n" "$JWT_KEY" >> .env fi chmod 600 .env echo -e "${GREEN} ✓ 密钥已保存到 .env 文件${NC}" @@ -217,7 +219,7 @@ elif [ "$DATA_KEY_EXISTS" != "true" ] || [ "$JWT_KEY_EXISTS" != "true" ]; then if [ "$JWT_KEY_EXISTS" != "true" ]; then echo -e " ${CYAN}生成缺失的JWT认证密钥...${NC}" JWT_KEY=$(openssl rand -base64 64) - echo "JWT_SECRET=$JWT_KEY" >> .env + printf "JWT_SECRET=\"%s\"\n" "$JWT_KEY" >> .env echo -e "${GREEN} ✓ JWT认证密钥生成完成${NC}" fi