SECRET_KEY Changed
Our Gadget app had been working fine for about a year, then we started getting errors on our generated tokens. We have a SECRET_KEY set in our env vars within Gadget.
Within api/routes/POST-generate-token.js we have:
const token = crypto
.createHmac('sha256', process.env.SECRET_KEY)
.update(request.body.email)
.digest('hex');
But it refused to generate the correct token. I output the SECRET_KEY to the console, and it appears to be: value-needed-to-boot-app-1111111
Which isn't even close to what is listed within Development or Production vars.
Why would this happen? And how can I make it actually use SECRET_KEY?
4 Replies
ah shoot Mike this is a bug where the name of this env var is colliding with an env var we use internally within Gadget! to work around this problem for now a differently named key should work
to the best of my knowledge handling of this hasnt changed recently but i will dig into it and figure out what went wrong!
also, can you link me to your app?
Thanks @airhorns - changing the var to "GADGET_KEY" would work? Sent you our app link via DM as it's not public facing.
yep that should work! and ok thanks, i will take a look on the backend to see whats up
Do you like this answer?