From 255518a6a8e676b85986aa145f003e311827a7f4 Mon Sep 17 00:00:00 2001 From: Jennie Robinson Faber Date: Sat, 4 Apr 2026 12:34:06 +0100 Subject: [PATCH] fix: throw on missing OIDC_COOKIE_SECRET in production --- server/utils/oidc-provider.ts | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/server/utils/oidc-provider.ts b/server/utils/oidc-provider.ts index d230fe1..2c9fafe 100644 --- a/server/utils/oidc-provider.ts +++ b/server/utils/oidc-provider.ts @@ -11,6 +11,10 @@ import { MongoAdapter } from "./oidc-mongodb-adapter.js"; import Member from "../models/member.js"; import { connectDB } from "./mongoose.js"; +if (process.env.NODE_ENV === 'production' && !process.env.OIDC_COOKIE_SECRET) { + throw new Error('OIDC_COOKIE_SECRET must be set in production') +} + /** * Renders a standalone HTML page in the guild dark style. * Used for OIDC logout/error screens that are served outside Nuxt.