Move JWT secret key fallback to config database

- Change JWT_SECRET_KEY fallback from hardcoded to get_config('jwt_secret_key') - Allows configuration through database instead of code changes - Maintains environment variable priority

Move JWT secret key fallback to config database
- Change JWT_SECRET_KEY fallback from hardcoded to get_config('jwt_secret_key') - Allows configuration through database instead of code changes - Maintains environment variable priority
345fc8d9 · Stefy Lanza (nextime / spora ) · ac4b73e0 · 345fc8d9
Commit 345fc8d9 authored Oct 06, 2025 by Stefy Lanza (nextime / spora )
Show whitespace changes
Inline Side-by-side

Showing with 3 additions and 3 deletions

database.py vidai/database.py +3 -3

No files found.
--- a/vidai/database.py
+++ b/vidai/database.py
@@ -1106,8 +1106,8 @@ def create_user_api_token(user_id: int, name: str) -> str:
        'exp': int(time.time()) + (100 * 365 * 24 * 60 * 60)  # 100 years expiration
    }

-    # Use a simple secret key (in production, use environment variable)
-    secret_key = os.environ.get('JWT_SECRET_KEY', 'vidai-jwt-secret-key-change-in-production')
+    # Use JWT secret key from config, with environment variable override
+    secret_key = os.environ.get('JWT_SECRET_KEY', get_config('jwt_secret_key', 'vidai-jwt-secret-key-change-in-production'))
    jwt_token = jwt.encode(payload, secret_key, algorithm='HS256')

    # Generate short public token with prefix
@@ -1154,7 +1154,7 @@ def validate_user_api_token(token: str) -> Optional[Dict[str, Any]]:

    # Decode JWT token
    try:
-        secret_key = os.environ.get('JWT_SECRET_KEY', 'vidai-jwt-secret-key-change-in-production')
+        secret_key = os.environ.get('JWT_SECRET_KEY', get_config('jwt_secret_key', 'vidai-jwt-secret-key-change-in-production'))
        payload = jwt.decode(jwt_token, secret_key, algorithms=['HS256'])
        user_id = payload['user_id']
        token_id = payload['token_id']