+4 -1 +/-1 browse
| 1 | diff --git a/web/src/main.rs b/web/src/main.rs |
| 2 | index 45520a4..30ed650 100644 |
| 3 | --- a/web/src/main.rs |
| 4 | +++ b/web/src/main.rs |
| 5 | @@ -43,7 +43,10 @@ fn new_state(conf: Configuration) -> Arc<AppState> { |
| 6 | |
| 7 | fn create_app(shared_state: Arc<AppState>) -> Router { |
| 8 | let store = MemoryStore::new(); |
| 9 | - let secret = rand::thread_rng().gen::<[u8; 128]>(); |
| 10 | + #[cfg(debug_assertions)] |
| 11 | + let secret = std::env::var("SECRET").ok().and_then(|s| s.into_bytes().try_into().ok()).unwrap_or_else(|| rand::thread_rng().gen::<[u8; 128]>()); |
| 12 | + #[cfg(not(debug_assertions))] |
| 13 | + let secret = std::env::var("SECRET").ok().and_then(|s| s.into_bytes().try_into().ok()).expect("environment variable SECRET must be set for production use. It must be a slice of 128 bytes. Try this command: SECRET=\"$(dd if=/dev/urandom bs=1 count=128)\""); |
| 14 | let session_layer = SessionLayer::new(store, &secret).with_secure(false); |
| 15 | |
| 16 | let auth_layer = AuthLayer::new(shared_state.clone(), &secret); |