The "secret" app asserts that the site secret has been defined. Whenever the app is loaded, an error is thrown if a site secret is not available. The app also provides a CLI command for generating a site secret.
When using the Carolina starter project, a random secret token is written to
.env when you run init.sh.
Even when the "secret" app has not been loaded, you can use the "config" service to access the site secret:
let siteSecret = App.$config.get('secret', 'siteSecret');The "secret" app defines a default configuration which only has one property,
siteSecret. By default, it reads the value of the environment variable
SITE_SECRET. The "secret" service expects the configuration value
siteSecret to be defined.
Example:
// config/secret.js
module.exports = {
siteSecret: process.env.SITE_SECRET || null
};You can also use the config/secret.js file to store other secret
configuration values (such as AWS keys, other API keys, etc). Just make sure
to read them from the environment instead of hard-coding them.
You can create a new site secret for a new project or new environment by running the following command:
node . secret create
This will generate a new 32-character random hex token and write it to .env
as SITE_SECRET. If the site secret is already defined, nothing happens.
The "secret" app allows for the publishing of a config file from its app
directory to your projects config/ directory.
The following command will create the file config/secret.js:
node . publish --config secret