debug(ci): enhance JWT secret and environment variable handling

Author: coderomm

apps/collabydraw/next.config.ts

@@ -1,4 +1,5 @@
 import type { NextConfig } from "next";
+import { webpack } from "next/dist/compiled/webpack/webpack";
 
 const nextConfig: NextConfig = {
   /* config options here */
@@ -10,6 +11,18 @@ const nextConfig: NextConfig = {
   publicRuntimeConfig: {
     JWT_SECRET: process.env.JWT_SECRET,
   },
+
+  // eslint-disable-next-line @typescript-eslint/no-unused-vars
+  webpack: (config, { isServer }) => {
+    // Ensure environment variables are always available
+    config.plugins.push(
+      new webpack.DefinePlugin({
+        'process.env.JWT_SECRET': JSON.stringify(process.env.JWT_SECRET),
+        'process.env.DATABASE_URL': JSON.stringify(process.env.DATABASE_URL),
+      })
+    );
+    return config;
+  }
 };
 
 export default nextConfig;

apps/collabydraw/utils/auth.ts

@@ -58,10 +58,12 @@ export const authOptions: NextAuthOptions = {
         token.id = user.id;
         token.email = user.email;
       }
-
+      if (!process.env.JWT_SECRET) {
+        throw new Error("JWT_SECRET is ABSOLUTELY REQUIRED and not set");
+      }
       token.accessToken = jwt.sign(
         { id: token.id, email: token.email },
-        process.env.NEXT_PUBLIC_JWT_SECRET || "",
+        process.env.JWT_SECRET,
         { expiresIn: "7d" }
       );
       return token;
@@ -75,5 +77,5 @@ export const authOptions: NextAuthOptions = {
       return session;
     },
   },
-  secret: process.env.NEXT_PUBLIC_JWT_SECRET,
+  secret: process.env.JWT_SECRET,
 };

docker/Dockerfile.frontend

@@ -9,11 +9,6 @@ WORKDIR /usr/src/app
 ARG DATABASE_URL
 ARG JWT_SECRET
 
-# Set environment variables
-ENV DATABASE_URL=${DATABASE_URL}
-ENV JWT_SECRET=${JWT_SECRET}
-ENV NEXT_PUBLIC_JWT_SECRET=${JWT_SECRET}
-
 # Copy necessary files for dependency installation
 COPY ./packages ./packages
 COPY ./package.json ./package.json
@@ -38,6 +33,17 @@ RUN prisma generate
 # Change back to the root directory
 WORKDIR /usr/src/app
 
+# Set environment variables
+ENV DATABASE_URL=${DATABASE_URL}
+ENV JWT_SECRET=${JWT_SECRET}
+
+# Debugging step
+RUN echo "DATABASE_URL length: ${#DATABASE_URL}"
+RUN echo "JWT_SECRET length: ${#JWT_SECRET}"
+
+# Fail if secrets are not set
+RUN test -n "$DATABASE_URL" && test -n "$JWT_SECRET"
+
 # Debug step: print environment variables
 RUN echo "DATABASE_URL: ${DATABASE_URL}" && echo "JWT_SECRET set: ${JWT_SECRET:+yes}"