updates

2026-02-10 17:40:30 -08:00 · 2026-02-07 15:33:08 -08:00 · 2026-02-07 15:33:08 -08:00 · ca43e4aee8
commit ca43e4aee8
parent ff0454537f
1 changed files with 3 additions and 3 deletions
--- a/src/lib/auth.ts
+++ b/src/lib/auth.ts
@ -19,7 +19,7 @@ export async function verifyPassword(password: string, hashedPassword: string):
 // ─── JWT Tokens ──────────────────────────────────────────────────

 export function generateAccessToken(payload: SessionPayload): string {
-  return jwt.sign(payload, process.env.JWT_SECRET!, { expiresIn: '1h' })
+  return jwt.sign(payload, process.env.JWT_ACCESS_SECRET!, { expiresIn: '1h' })
 }

 export function generateRefreshToken(payload: SessionPayload): string {
@ -28,7 +28,7 @@ export function generateRefreshToken(payload: SessionPayload): string {

 export function verifyAccessToken(token: string): SessionPayload | null {
  try {
-    return jwt.verify(token, process.env.JWT_SECRET!) as SessionPayload
+    return jwt.verify(token, process.env.JWT_ACCESS_SECRET!) as SessionPayload
  } catch {
    return null
  }
@ -49,7 +49,7 @@ export function generate2FACode(): string {
 }

 export function hash2FACode(code: string): string {
-  const hmac = crypto.createHmac('sha256', process.env.JWT_SECRET!)
+  const hmac = crypto.createHmac('sha256', process.env.TWO_FACTOR_SECRET!)
  hmac.update(code)
  return hmac.digest('hex')
 }