Context

We currently have 4 environment variables to specify our SECRETS in packages/twenty-server/.env:

ACCESS_TOKEN_SECRET
LOGIN_TOKEN_SECRET
REFRESH_TOKEN_SECRET
FILE_TOKEN_SECRET

We would like to replace those by a unique APP_SECRET env variable and to generate those 4 when needed as:

ACCESS_TOKEN_SECRET=SHA256({APP_SECRET}+{workspaceId}+"ACCESS")
LOGIN_TOKEN_SECRET=SHA256({APP_SECRET}+{workspaceId}+"FILE")
...

What & How

Remove those 4 secrets from the code base
introduce APP_SECRET instead (this needs to be introduced in several places, I would recommend look for ACCESS_TOKEN_SECRET and to mimick it)
compute accessTokenSecret based on the formula above whenever it's needed

Mar 20 '24 15:03 FelixMalfait

I have updated the tickets desc, ready to be picked!

Oct 09 '24 17:10 charlesBochet

/oss.gg 500

Oct 09 '24 17:10 charlesBochet

Thanks for opening an issue! It's live on oss.gg!

Oct 09 '24 17:10 oss-gg[bot]

@Devessier Let's go with sha as discussed together!

Oct 10 '24 09:10 charlesBochet

/assign

Oct 10 '24 11:10 vishnud05

Assigned to @vishnud05! Please open a draft PR linking this issue within 48h ⚠️ If we can't detect a PR from you linking this issue in 48h, you'll be unassigned automatically 🕹️ Excited to have you ship this 🚀

Oct 10 '24 11:10 oss-gg[bot]

/assign

Oct 10 '24 14:10 Fahad-Dezloper

This issue is already assigned to another person. Please find more issues here.

Oct 10 '24 14:10 oss-gg[bot]

/assign

Oct 10 '24 15:10 riazahmedshah

This issue is already assigned to another person. Please find more issues here.

Oct 10 '24 15:10 oss-gg[bot]

@vishnud05, Just a little reminder: Please open a draft PR linking this issue within 12 hours. If we can't detect a PR in 12h, you will be unassigned automatically.

Oct 11 '24 23:10 oss-gg[bot]

/assign

Oct 12 '24 07:10 AbhishekKhot

This issue is already assigned to another person. Please find more issues here.

Oct 12 '24 07:10 oss-gg[bot]

/assign

Oct 12 '24 18:10 BasitShafiq

This issue is already assigned to another person. Please find more issues here.

Oct 12 '24 18:10 oss-gg[bot]

/assign

Oct 13 '24 05:10 mr-rayeen

This issue is already assigned to another person. Please find more issues here.

Oct 13 '24 05:10 oss-gg[bot]

/assign

Oct 13 '24 13:10 amit-y11

This issue is already assigned to another person. Please find more issues here.

Oct 13 '24 13:10 oss-gg[bot]

/unassign

Oct 13 '24 14:10 charlesBochet

Issue unassigned.

Oct 13 '24 14:10 oss-gg[bot]

/assign

Oct 13 '24 14:10 amit-y11

Assigned to @amit-y11! Please open a draft PR linking this issue within 48h ⚠️ If we can't detect a PR from you linking this issue in 48h, you'll be unassigned automatically 🕹️ Excited to have you ship this 🚀

Oct 13 '24 14:10 oss-gg[bot]

@vishnud05, Just a little reminder: Please open a draft PR linking this issue within 12 hours. If we can't detect a PR in 12h, you will be unassigned automatically.

Oct 13 '24 23:10 oss-gg[bot]

/unassign

Oct 14 '24 14:10 amit-y11

Issue unassigned.

Oct 14 '24 14:10 oss-gg[bot]

/assign

Oct 14 '24 14:10 HarshithAlfred

Assigned to @HarshithAlfred! Please open a draft PR linking this issue within 48h ⚠️ If we can't detect a PR from you linking this issue in 48h, you'll be unassigned automatically 🕹️ Excited to have you ship this 🚀

Oct 14 '24 14:10 oss-gg[bot]

@vishnud05, Just a little reminder: Please open a draft PR linking this issue within 12 hours. If we can't detect a PR in 12h, you will be unassigned automatically.

Oct 15 '24 23:10 oss-gg[bot]

@HarshithAlfred, Just a little reminder: Please open a draft PR linking this issue within 12 hours. If we can't detect a PR in 12h, you will be unassigned automatically.

Oct 16 '24 02:10 oss-gg[bot]

Introduce APP_SECRET to replace SECRETS

Context

What & How