serverless-authentication-boilerplate

What is the meaning of TOKEN_SECRET?

Open vazch opened this issue 6 years ago • 2 comments

I don't understand why it is necessary. I leave "token-secret-123" and my project works perfectly, so how does it work?

vazch, May 22 '18 16:05

@01123899 It's a cryptographic security measure; it makes the application more secure when you update it to something random that no one but you knows.

jppope, Jul 29 '18 00:07

@01123899 TOKEN_SECRET is the secret that'll be used to sign your tokens. If you don't change the default secret to a more secure string, you'll expose your system to anyone capable of creating a token with the same signature.

dbrrt, Jan 06 '19 03:01
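
The point made in the replies above, as an added example that is not part of the thread or the project's own code: the service accepts any token whose signature matches its secret, so a published default gives no protection. It assumes HS256-style (HMAC-SHA256) signing with Node's built-in `crypto`; `assertSecretIsSafe` and `generateSecret` are hypothetical helper names.

```javascript
// Added example: HS256-style token signing with Node's built-in crypto module.
const crypto = require('crypto');

const DEFAULT_SECRET = 'token-secret-123'; // placeholder value quoted in the issue

const b64url = (text) => Buffer.from(text).toString('base64url');

function sign(payload, secret) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = `${header}.${b64url(JSON.stringify(payload))}`;
  const mac = crypto.createHmac('sha256', secret).update(body).digest('base64url');
  return `${body}.${mac}`;
}

// Returns the payload when the signature matches the secret, otherwise null.
function verify(token, secret) {
  const parts = token.split('.');
  if (parts.length !== 3) return null;
  const [header, payload, mac] = parts;
  const expected = crypto.createHmac('sha256', secret).update(`${header}.${payload}`).digest();
  const given = Buffer.from(mac, 'base64url');
  // timingSafeEqual throws on length mismatch, so compare lengths first.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  return JSON.parse(Buffer.from(payload, 'base64url').toString('utf8'));
}

// Hypothetical startup guard: refuse the published placeholder and short secrets.
// RFC 7518 requires an HS256 key of at least 256 bits (32 bytes).
function assertSecretIsSafe(secret) {
  if (!secret || secret === DEFAULT_SECRET) {
    throw new Error('TOKEN_SECRET is unset or still the default value');
  }
  if (Buffer.byteLength(secret) < 32) {
    throw new Error('TOKEN_SECRET must be at least 32 bytes');
  }
  return true;
}

// Generate a value once and keep it in the deployment's secret configuration.
const generateSecret = () => crypto.randomBytes(32).toString('hex');

// Constructed scenario: a token signed outside the service with the repo default.
const outsideToken = sign({ sub: 'constructed-user' }, DEFAULT_SECRET);
const acceptedWithDefault = verify(outsideToken, DEFAULT_SECRET); // payload object
const acceptedWithRandom = verify(outsideToken, generateSecret()); // null
```

Calling `assertSecretIsSafe(process.env.TOKEN_SECRET)` when the service starts turns a forgotten default into a deployment failure instead of a silently forgeable token.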