Security: Remove default secret #445

@pcrockett

What type of request is this?

Enhancement of an existing feature

Clear and concise description of the feature you are proposing

As I was considering using this project (and I think I will, it looks great), I was reading through configuration documentation and noticed that AUTHENTICATION_JWT_SECRET defaults to change-me.

As a rule, default secrets have been the source of many security vulnerabilities. If I understand what this variable is used for, a malicious person could fairly safely assume that it has been left at its default value, and only need to guess usernames in order to forge auth tokens.

Granted, I don't see this as a huge risk (worst case: someone else uses your private instance when you don't want them to), but I would suggest a simple low-friction alternative approach: if AUTHENTICATION_JWT_SECRET is unset, generate a random value at startup, while printing a warning for users that it should be set. If the variable works the way I think it does, the worst effect that this will have is it will require users to sign in every time the service restarts.

Additional context

No response

Validations

  • Check the feature is not already implemented in the project.
  • Check that there isn't already an issue that requests the same feature to avoid creating a duplicate.
  • Check that the feature is technically feasible and aligns with the project's goals.
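
The startup behaviour proposed in this issue, sketched as an added example (not code from the issue or from the project; the project's language and token format are not shown on this page, so Python and HS256 are assumptions). `load_jwt_secret`, `sign_hs256` and `verify_hs256` are hypothetical names, and treating the old `change-me` value as unset is an extra assumption beyond what the issue asks for.

```python
import base64, hashlib, hmac, json, logging, secrets

log = logging.getLogger("auth")
ENV_VAR = "AUTHENTICATION_JWT_SECRET"
KNOWN_DEFAULTS = {"change-me"}  # assumption: reject the old documented default too

def load_jwt_secret(env):
    """Return (secret_bytes, ephemeral). Never falls back to a fixed string."""
    value = (env.get(ENV_VAR) or "").strip()
    if value and value not in KNOWN_DEFAULTS:
        return value.encode(), False
    log.warning("%s is unset or a known default; using a random secret for this "
                "process. Sessions will not survive a restart.", ENV_VAR)
    return secrets.token_bytes(32), True

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=")

def sign_hs256(claims, key):
    # Minimal HS256 token: base64url(header).base64url(claims).base64url(HMAC)
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    signing_input = header + b"." + body
    sig = _b64(hmac.new(key, signing_input, hashlib.sha256).digest())
    return (signing_input + b"." + sig).decode()

def verify_hs256(token, key):
    # Signature check only; a real verifier also validates alg, exp and claims.
    try:
        header, body, sig = token.encode().split(b".")
    except ValueError:
        return False
    expected = _b64(hmac.new(key, header + b"." + body, hashlib.sha256).digest())
    return hmac.compare_digest(sig, expected)

if __name__ == "__main__":
    logging.basicConfig(level=logging.WARNING)
    key, ephemeral = load_jwt_secret({})  # constructed environment: variable unset
    token = sign_hs256({"sub": "alice"}, key)
    print("ephemeral secret:", ephemeral)
    print("token valid in this process:", verify_hs256(token, key))
    restarted_key, _ = load_jwt_secret({})  # simulates a service restart
    print("token valid after restart:", verify_hs256(token, restarted_key))
```
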
