bunny-lab/Borealis-Github-Replica
1
0
Fork 0
mirror of https://github.com/bunny-lab-io/Borealis.git synced 2025-10-27 03:21:57 -06:00
Code Issues Packages Projects Releases Wiki Activity

fix: relocate server runtime secrets

Browse Source
This commit is contained in:
Nicole Rappe
2025-10-17 19:51:35 -06:00
parent 98ee77caca
commit 43967e758d
6 changed files with 101 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
Data/Server/Modules/auth/jwt_service.py
View File

@@ -14,7 +14,9 @@ import jwt
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import ed25519
_KEY_DIR = Path(__file__).resolve().parent.parent / "keys"
from Modules.runtime import ensure_runtime_dir, runtime_path
_KEY_DIR = runtime_path("keys")
_KEY_FILE = _KEY_DIR / "borealis-jwt-ed25519.key"
@@ -96,7 +98,7 @@ def load_service() -> JWTService:
def _load_or_create_private_key() -> ed25519.Ed25519PrivateKey:
_KEY_DIR.mkdir(parents=True, exist_ok=True)
ensure_runtime_dir("keys")
if _KEY_FILE.exists():
with _KEY_FILE.open("rb") as fh:
return serialization.load_pem_private_key(fh.read(), password=None)