Use general token signing secret (#29205) (#29325)

Backport #29205 (including #29172) Use a clearly defined "signing secret" for token signing.
2024-02-23 01:07:41 +08:00
parent 7ea2ffaf16
commit 511298e452
13 changed files with 130 additions and 70 deletions
--- a/routers/install/install.go
+++ b/routers/install/install.go
@@ -407,7 +407,7 @@ func SubmitInstall(ctx *context.Context) {
 		cfg.Section("server").Key("LFS_START_SERVER").SetValue("true")
 		cfg.Section("lfs").Key("PATH").SetValue(form.LFSRootPath)
 		var lfsJwtSecret string
-		if _, lfsJwtSecret, err = generate.NewJwtSecretBase64(); err != nil {
+		if _, lfsJwtSecret, err = generate.NewJwtSecretWithBase64(); err != nil {
 			ctx.RenderWithErr(ctx.Tr("install.lfs_jwt_secret_failed", err), tplInstall, &form)
 			return
 		}