Docker-compose - use .env file for session and JWT secrets

samuelberston · Nov 19, 2024 · 1303b96 · 1303b96
1 parent 07582f9
commit 1303b96
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 0 deletions.
diff --git a/backend/routes/protectedRouter.js b/backend/routes/protectedRouter.js
@@ -18,6 +18,10 @@ function authenticateToken(req, res, next) {
     }
 
     jwt.verify(token, process.env.JWT_SECRET, (err, user) => {
+        if (!process.env.JWT_SECRET) {
+            logger.error('JWT_SECRET environment variable is not set');
+            return res.status(500).json({ message: 'Server configuration error' });
+        }
         if (err) {
             logger.warn(`Attempt to access protected data with expired JWT from IP: %s`, req.ip);
             return res.status(403).json({ message: 'Token invalid or expired.' });

diff --git a/docker-compose.yaml b/docker-compose.yaml
@@ -5,6 +5,8 @@ services:
     container_name: backend
     ports:
       - "3000:3000"
+    env_file: 
+      - .env
     environment:
       - PORT=3000
       - DB_HOST=host.docker.internal