File tree Expand file tree Collapse file tree 2 files changed +9
-9
lines changed
Expand file tree Collapse file tree 2 files changed +9
-9
lines changed Original file line number Diff line number Diff line change @@ -90,7 +90,7 @@ ADMIN_USER=admin
9090# - At least one special character (!@#$%^&*()_+-=[]{}|;:,.<>?)
9191# Example: MySecure123!Password
9292# NEVER commit real passwords to version control!
93- ADMIN_PW = YourSecure12!PasswordHere
93+ ADMIN_PASSWORD = Your $ecureP @ssw0rd!
9494
9595# =============================================================================
9696# ACTUAL BUDGET INTEGRATION
@@ -180,7 +180,7 @@ LOG_LEVEL=info
180180# - JWT_SECRET (32+ chars)
181181# - JWT_REFRESH_SECRET (32+ chars, different from JWT_SECRET)
182182# - SESSION_SECRET (32+ chars, different from JWT secrets)
183- # - ADMIN_PW (12+ chars with complexity requirements)
183+ # - ADMIN_PASSWORD (12+ chars with complexity requirements)
184184# - ACTUAL_SERVER_URL
185185# - ACTUAL_PASSWORD
186186# - ACTUAL_SYNC_ID
@@ -245,7 +245,7 @@ MAX_REQUEST_SIZE=10kb
245245# openssl rand -hex 64 (for 64-char secrets)
246246
247247# 2. PASSWORD HASHING:
248- # To hash the ADMIN_PW , use:
248+ # To hash the ADMIN_PASSWORD , use:
249249# node -e "const bcrypt = require('bcrypt'); bcrypt.hash('password', 12).then(h => console.log(h));"
250250
251251# 3. PRODUCTION DEPLOYMENT:
Original file line number Diff line number Diff line change @@ -47,21 +47,21 @@ export const validatePasswordComplexity = (password) => {
4747export const ensureAdminUserHash = async ( ) => {
4848 const db = getDb ( ) ;
4949 const adminUsername = process . env . ADMIN_USER || 'admin' ;
50- const adminPW = process . env . ADMIN_PW ;
50+ const adminPassword = process . env . ADMIN_PASSWORD ;
5151
52- if ( ! adminPW ) {
53- logger . error ( 'ADMIN_PW missing – cannot create admin user. Exiting.' ) ;
52+ if ( ! adminPassword ) {
53+ logger . error ( 'ADMIN_PASSWORD missing – cannot create admin user. Exiting.' ) ;
5454 process . exit ( 1 ) ;
5555 }
5656
5757 // Validate password complexity for new passwords
58- const passwordValidation = validatePasswordComplexity ( adminPW ) ;
58+ const passwordValidation = validatePasswordComplexity ( adminPassword ) ;
5959 if ( ! passwordValidation . valid ) {
6060 logger . warn ( `Admin password does not meet complexity requirements: ${ passwordValidation . message } ) ;
61- logger . warn ( 'Consider updating ADMIN_PW to meet security standards' ) ;
61+ logger . warn ( 'Consider updating ADMIN_PASSWORD to meet security standards' ) ;
6262 }
6363
64- const hash = await bcrypt . hash ( adminPW , 12 ) ;
64+ const hash = await bcrypt . hash ( adminPassword , 12 ) ;
6565
6666 const upsert = db . prepare ( `
6767 INSERT INTO users (username, password_hash, is_active)
You can’t perform that action at this time.
0 commit comments