admin/goodgo-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(security): add production env validation and sanitize .env.example

Browse Source 
- Add startup env validation that fails fast in production if critical vars
  (JWT_SECRET, JWT_REFRESH_SECRET, DATABASE_URL, CORS_ORIGINS, REDIS_HOST)
  are missing
- Fix CORS_ORIGINS to throw in production instead of defaulting to localhost
- Replace hardcoded dev passwords in .env.example with CHANGE_ME placeholders
- Add missing vars to .env.example (CORS_ORIGINS, SMTP_*, FIREBASE, LOG_LEVEL)
- Warn on missing optional payment/storage vars at startup

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Ho Ngoc Hai
2026-04-08 06:12:39 +07:00
parent d77c14e549
commit e89c8f5810
4 changed files with 112 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
apps/api/src/modules/shared/infrastructure/index.ts
View File

@@ -11,3 +11,4 @@ export { maskPii } from './pii-masker';
export { ThrottlerBehindProxyGuard } from './guards/throttler-behind-proxy.guard';
export { FileValidationPipe } from './pipes/file-validation.pipe';
export type { FileValidationOptions } from './pipes/file-validation.pipe';
export { validateEnv } from './env-validation';