jwt secret is now autogenerated

docker/src/shared/config.js

@@ -2,6 +2,7 @@ import fs from 'fs';
 import path from 'path';
 import os from 'os';
 import yaml from 'js-yaml';
+import crypto from 'crypto';
 
 const BASE_DIR = path.join(os.homedir(), 'WaifuBoards');
 const CONFIG_PATH = path.join(BASE_DIR, 'config.yaml');
@@ -17,6 +18,9 @@ const DEFAULT_CONFIG = {
         ffmpeg: null,
         ffprobe: null,
         cloudflared: null,
+    },
+    server: {
+        jwt_secret: null
     }
 };
 
@@ -39,13 +43,31 @@ function ensureConfigFile() {
         fs.mkdirSync(BASE_DIR, { recursive: true });
     }
 
-    if (!fs.existsSync(CONFIG_PATH)) {
+    let configExists = fs.existsSync(CONFIG_PATH);
+
+    if (!configExists) {
         fs.writeFileSync(
             CONFIG_PATH,
             yaml.dump(DEFAULT_CONFIG),
             'utf8'
         );
     }
+
+    const raw = fs.readFileSync(CONFIG_PATH, 'utf8');
+    const loaded = yaml.load(raw) || {};
+
+    if (!loaded.server) loaded.server = {};
+    if (!loaded.server.jwt_secret) {
+        loaded.server.jwt_secret = crypto.randomBytes(32).toString('hex');
+        fs.writeFileSync(CONFIG_PATH, yaml.dump(deepMerge(structuredClone(DEFAULT_CONFIG), loaded)), 'utf8');
+    }
+}
+
+export function getPublicConfig() {
+    const { values } = getConfig();
+    const publicConfig = structuredClone(values);
+    if (publicConfig.server) delete publicConfig.server.jwt_secret;
+    return publicConfig;
 }
 
 export function getConfig() {