Fix unshell_obfuscate error. remove default encryption key error when there isn't any encryption

2026-06-08 22:38:01 -06:00 · 2026-01-27 15:37:19 -07:00
parent 2edb4f3187
commit a4411d378f
7 changed files with 39 additions and 12 deletions
@@ -3,9 +3,9 @@ name = "unshell-server"
 edition = "2024"

 [features]
-default = []
+default = ["log_debug"]
 log = ["unshell/log", "unshell-manager/log"]
-log_debug = ["log", "unshell/log_debug", "unshell-manager/log_debug"]
+log_debug = ["unshell/log_debug", "unshell-manager/log_debug"]

 [dependencies]
 unshell = { path = "../" }
@@ -31,7 +31,25 @@ use jsonwebtoken::{DecodingKey, EncodingKey};
 static EXPIRE_DURATION: Duration = Duration::hours(12);

 #[dynamic]
-static JWT_SECRET: String = std::env::var("JWT_SECRET").expect("JWT_SECRET must be set");
+
+static JWT_SECRET: String = {
+    if let Ok(env_secret) = std::env::var("JWT_SECRET") {
+        env_secret
+    } else {
+        println!(
+            r#"
+##############
+# WARNING: You are using the default JWT secret, used for creating user sessions
+# With this default key, anyone can login as any user.
+##############"#
+        );
+        "DEFAULT_SECRET".to_string()
+    }
+};
+
+// std::env::var("JWT_SECRET").unwrap_or(|| -> String {
+//     return "TEST".to_string();
+// }());

 #[dynamic]
 static JWT_ENCODING_KEY: EncodingKey = EncodingKey::from_secret(JWT_SECRET.as_bytes());