Security: SECRET_KEY obligatorio desde .env — sin fallback hardcodeado
This commit is contained in:
@@ -12,7 +12,9 @@ import os
|
||||
from database import get_db, SessionLocal
|
||||
from models.user import User, Role
|
||||
|
||||
SECRET_KEY = os.getenv("SECRET_KEY", "aidsmonitoring-secret-2026-change-in-prod")
|
||||
SECRET_KEY = os.getenv("SECRET_KEY")
|
||||
if not SECRET_KEY:
|
||||
raise RuntimeError("SECRET_KEY no configurado — crea backend/.env con SECRET_KEY=<valor>")
|
||||
ALGORITHM = "HS256"
|
||||
TOKEN_HOURS = 8
|
||||
|
||||
|
||||
Reference in New Issue
Block a user