You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm pretty sure this is the right place to put this, but if not then feel free to tell me.
Like the examples, I randomly generate a secret every time my server restarts:
let secret = {letmut rng = thread_rng();letmut v = Vec::with_capacity(64);
v.append(&mut rng.gen::<[u8;32]>().to_vec());//can't get rand to do a [u8; 64] so fun times ensue
v.append(&mut rng.gen::<[u8;32]>().to_vec());
v
};
```
However, because my server restarts often, that key changes often and logs everybody out when Iuse a `MemoryStore`.I'm now using a persistent postgres-based store, but every time I restart, the secret regenerates and the auth layer picks a new ID for each user and everyone is logged out.Is there an intended way to fix this - storing the secret in the db doesn't seem intuitive, so I was wondering ifI was doing something wrong.MyPostgres solution is almost identical to [aysnc-sqlx-session](https://lib.rs/crates/async-sqlx-session)'s postgres one.Thanks!
The text was updated successfully, but these errors were encountered:
Most real applications would be given a secret via an environment variable or similar (how you generate this is up to you, but it’s paramount to your app’s security it be done so with care). Generally, you would not create a new secret each time you run your app. These examples do that only to illustrate the basic principles but are not intended to model a more complex app.
I'm pretty sure this is the right place to put this, but if not then feel free to tell me.
Like the examples, I randomly generate a secret every time my server restarts:
The text was updated successfully, but these errors were encountered: