Skip to content

Fix/password generation#615#617

Merged
MickLesk merged 3 commits into
community-scripts:mainfrom
Vivelis:fix/password-generation
Jun 15, 2026
Merged

Fix/password generation#615#617
MickLesk merged 3 commits into
community-scripts:mainfrom
Vivelis:fix/password-generation

Conversation

@Vivelis

@Vivelis Vivelis commented Jun 14, 2026

Copy link
Copy Markdown
Contributor

✍️ Description

This Pull request fixes the JWT_SECRET that was no longer saved properly inside the .env.
Auth environment variables are now handled using process.env.
New warn log was added in case the auth token is missing.

Tests has been conducted on the creation of a new LXC container instance.

  • user creation with credentials
  • enabling / disabling auth
  • installing a new service

🔗 Related PR / Issue

Fixes: #615

✅ Prerequisites (X in brackets)

  • Self-review completed – Code follows project standards.
  • Tested thoroughly – Changes work as expected.
  • No security risks – No hardcoded secrets, unnecessary privilege escalations, or permission issues.

🛠️ Type of Change (X in brackets)

  • 🐞 Bug fix – Resolves an issue without breaking functionality.
  • New feature – Adds new, non-breaking functionality.
  • 💥 Breaking change – Alters existing functionality in a way that may require updates.

Vivelis added 2 commits June 12, 2026 23:25
- Decode JWT in WebSocket auth to reject expired tokens and log auth failures.
- Introduce constants `OUTPUT_BUFFER_MAX_LENGTH`, `BACKUP_UPDATE_DELAY_MS`, and `JWT_EXP_MS_FACTOR`.
- Replace hardcoded buffer length and delay values with the new constants.
- Coerce `AUTH_ENABLED` and `AUTH_SETUP_COMPLETED` to boolean and add `AUTH_SESSION_DURATION_DAYS` env.
…ls update

Add a `syncProcessEnvFromFile()` function that reads the .env file and updates
process.env and the cached JWT secret, ensuring that in-memory state matches
the persisted environment without requiring a server restart.

Call this function after writing credentials or toggling authentication
settings to keep the running server in sync. Also set the setup completed flag
when credentials are updated, and clear it when disabling auth to force the
fresh setup flow on re-enable.
@Vivelis
Vivelis requested a review from a team as a code owner June 14, 2026 13:17
@Vivelis
Vivelis marked this pull request as draft June 14, 2026 13:18
@Vivelis Vivelis changed the title Fix/password generation Fix/password generation#615 Jun 14, 2026
@Vivelis
Vivelis marked this pull request as ready for review June 14, 2026 13:50
@MickLesk
MickLesk merged commit 772daaf into community-scripts:main Jun 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Set up authentication prompt every time I refresh the page

2 participants