Rework JWT Key Propagation

2025-06-15 15:07:36 -07:00 · 2025-06-15 15:07:36 -07:00 · 66f27d7a4c
commit 66f27d7a4c
parent daceab9c12
2 changed files with 5 additions and 3 deletions
--- a/qtc-net-server/Program.cs
+++ b/qtc-net-server/Program.cs
@ -54,9 +54,12 @@ builder.Services.AddAuthentication().AddJwtBearer(options =>
        ValidateLifetime = true,
        ValidateIssuerSigningKey = true,
        ValidIssuer = builder.Configuration["Jwt:Issuer"],
-        ValidAudience = builder.Configuration["Jwt:Audience"],
-        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration["Jwt:Key"]!))
+        ValidAudience = builder.Configuration["Jwt:Audience"]
    };
+
+    if (!string.IsNullOrEmpty(Environment.GetEnvironmentVariable("JWT_KEY")))
+        options.TokenValidationParameters.IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Environment.GetEnvironmentVariable("JWT_KEY")!));
+    else options.TokenValidationParameters.IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration["Jwt:Key"]!));
 });
 builder.Services.AddScoped<IUserService, UserService>();
 builder.Services.AddScoped<ITokenService, TokenService>();
--- a/qtc-net-server/appsettings.json
+++ b/qtc-net-server/appsettings.json
@ -1,6 +1,5 @@
 {
  "Jwt": {
-    "Key": "bgpLLhY2L2UeZN3sj6WwSzScFmY3JgWfs33ZEJNcaPzC2TEnfZz",
    "Issuer": "http://localhost",
    "Audience": "http://localhost",
    "DefaultUserRole": "User"