feat(security): generate random JWT secrets when not configured #2974

Merged: spetz merged 6 commits into master from improve_http_secret on Mar 20, 2026
@spetz (Contributor) commented Mar 18, 2026

Deploying the HTTP server with hardcoded default JWT secrets
is a security risk — every instance shares the same signing
key. Empty defaults now trigger secure random secret
generation at startup, with a warning logged showing a
redacted preview of the generated value.

When both encoding and decoding secrets are empty, a single
random secret is generated and used for both (symmetric
HMAC). Tokens are invalidated on restart, nudging operators
to set persistent secrets in production.

@spetz added the server, rust and config labels Mar 18, 2026
@spetz requested review from hubcio and mmodzelewski March 18, 2026 20:12
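
The startup behaviour described in the PR description above, sketched as an added example (not the PR's code or the project's API). `JwtSecrets`, `resolve_secrets`, `redact` and the 4-character preview are hypothetical; the sketch reads `/dev/urandom` directly, so it assumes a Unix host, and rejecting a half-configured pair is this example's choice, which the description does not cover.

```rust
use std::fs::File;
use std::io::{self, Error, ErrorKind, Read};

// Hypothetical type for this example; not the project's config struct.
#[derive(Debug)]
pub struct JwtSecrets {
    pub encoding: String,
    pub decoding: String,
    pub generated: bool, // true => issued tokens stop validating after a restart
}

// 32 bytes from the OS CSPRNG, hex-encoded (assumes a Unix /dev/urandom).
fn random_secret() -> io::Result<String> {
    let mut buf = [0u8; 32];
    File::open("/dev/urandom")?.read_exact(&mut buf)?;
    Ok(buf.iter().map(|b| format!("{:02x}", b)).collect())
}

// Log-safe preview: a short prefix only, never the full secret.
pub fn redact(secret: &str) -> String {
    let head: String = secret.chars().take(4).collect();
    format!("{}***", head)
}

pub fn resolve_secrets(encoding: &str, decoding: &str) -> io::Result<JwtSecrets> {
    match (encoding.is_empty(), decoding.is_empty()) {
        // Nothing configured: one random secret serves both sides (symmetric HMAC).
        (true, true) => {
            let s = random_secret()?;
            eprintln!("WARN: JWT secrets not configured, generated {}", redact(&s));
            Ok(JwtSecrets { encoding: s.clone(), decoding: s, generated: true })
        }
        // Fully configured: use the operator's values untouched.
        (false, false) => Ok(JwtSecrets {
            encoding: encoding.to_string(),
            decoding: decoding.to_string(),
            generated: false,
        }),
        // Assumption of this example: a half-set pair is an error, not a silent fallback.
        _ => Err(Error::new(ErrorKind::InvalidInput, "set both JWT secrets or neither")),
    }
}

fn main() -> io::Result<()> {
    let secrets = resolve_secrets("", "")?;
    println!("generated={} preview={}", secrets.generated, redact(&secrets.encoding));
    Ok(())
}
```

Two calls with empty input return different secrets, which is why tokens issued before a restart no longer verify afterwards.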
codecov bot commented Mar 18, 2026

Codecov Report

❌ Patch coverage is 55.00000% with 9 lines in your changes missing coverage. Please review.
✅ Project coverage is 71.80%. Comparing base (2119848) to head (d2db5f1).
⚠️ Report is 1 commits behind head on master.

Files with missing lines Patch % Lines
core/server/src/http/http_server.rs 55.00% 9 Missing ⚠️
Additional details and impacted files
@@             Coverage Diff              @@
##             master    #2974      +/-   ##
============================================
- Coverage     71.81%   71.80%   -0.02%     
  Complexity      930      930              
============================================
  Files          1116     1116              
  Lines         92601    92616      +15     
  Branches      70122    70149      +27     
============================================
- Hits          66500    66499       -1     
- Misses        23539    23551      +12     
- Partials       2562     2566       +4     
Flag Coverage Δ
csharp 67.43% <ø> (-0.23%) ⬇️
go 36.38% <ø> (ø)
java 62.08% <ø> (ø)
node 91.37% <ø> (-0.17%) ⬇️
python 81.43% <ø> (ø)
rust 72.50% <55.00%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown.

Files with missing lines Coverage Δ
core/server/src/http/http_server.rs 48.60% <55.00%> (+0.30%) ⬆️

... and 19 files with indirect coverage changes

@spetz force-pushed the improve_http_secret branch 2 times, most recently from c4dc790 to 27883d8, March 18, 2026 20:16
mmodzelewski previously approved these changes Mar 18, 2026
@spetz force-pushed the improve_http_secret branch from 66b3792 to 1edfe36, March 18, 2026 20:22
mmodzelewski previously approved these changes Mar 18, 2026
mmodzelewski previously approved these changes Mar 20, 2026
@spetz merged commit f4b0af5 into master Mar 20, 2026
139 of 142 checks passed
@spetz deleted the improve_http_secret branch March 20, 2026 13:37