Introduced Secrets Manager

2025-09-28 17:43:21 +02:00
parent 4d9b1f1dff
commit 83fc24be0c
13 changed files with 79 additions and 32 deletions
--- a/src/routes/auth/auth.ts
+++ b/src/routes/auth/auth.ts
@@ -3,6 +3,7 @@ import bcrypt from "bcrypt";
 import jwt from "jsonwebtoken";
 import { generateRandomPassword, hashPassword } from "../../utils/password"
 import { sendMail } from "../../utils/mailer"
+import {secrets} from "../../utils/secrets";

 export default async function authRoutes(server: FastifyInstance) {
    // Registrierung
@@ -140,7 +141,7 @@ export default async function authRoutes(server: FastifyInstance) {
            } else {
                const token = jwt.sign(
                    { user_id: user.id, email: user.email, tenant_id: req.tenant ? req.tenant.id : null },
-                    process.env.JWT_SECRET!,
+                    secrets.JWT_SECRET!,
                    { expiresIn: "3h" }
                );

--- a/src/routes/exports.ts
+++ b/src/routes/exports.ts
@@ -7,6 +7,7 @@ import {GetObjectCommand, PutObjectCommand} from "@aws-sdk/client-s3"
 import {getSignedUrl} from "@aws-sdk/s3-request-presigner";
 import dayjs from "dayjs";
 import {randomUUID} from "node:crypto";
+import {secrets} from "../utils/secrets";

 const createExport = async (server:FastifyInstance,req:any,startDate,endDate,beraternr,mandantennr) => {
    console.log(startDate,endDate,beraternr,mandantennr)
@@ -22,7 +23,7 @@ const createExport = async (server:FastifyInstance,req:any,startDate,endDate,ber
    // 3) In S3 hochladen
    await s3.send(
        new PutObjectCommand({
-            Bucket: process.env.S3_BUCKET || "FEDEO",
+            Bucket: secrets.S3_BUCKET,
            Key: fileKey,
            Body: buffer,
            ContentType: "application/zip",
@@ -33,7 +34,7 @@ const createExport = async (server:FastifyInstance,req:any,startDate,endDate,ber
    const url = await getSignedUrl(
        s3,
        new GetObjectCommand({
-            Bucket: process.env.S3_BUCKET || "FEDEO",
+            Bucket: secrets.S3_BUCKET,
            Key: fileKey,
        }),
        { expiresIn: 60 * 60 * 24 }
--- a/src/routes/files.ts
+++ b/src/routes/files.ts
@@ -4,6 +4,7 @@ import { s3 } from "../utils/s3"
 import {GetObjectCommand, PutObjectCommand} from "@aws-sdk/client-s3"
 import {getSignedUrl} from "@aws-sdk/s3-request-presigner";
 import archiver from "archiver"
+import {secrets} from "../utils/secrets"

 export default async function fileRoutes(server: FastifyInstance) {
    await server.register(multipart,{
@@ -59,7 +60,7 @@ export default async function fileRoutes(server: FastifyInstance) {
            const fileKey = `${tenantId}/filesbyid/${createdFileData.id}/${data.filename}`

            await s3.send(new PutObjectCommand({
-                Bucket: process.env.S3_BUCKET || "FEDEO",
+                Bucket: secrets.S3_BUCKET,
                Key: fileKey,
                Body: fileBuffer,
                ContentType: data.mimetype,
@@ -143,7 +144,7 @@ export default async function fileRoutes(server: FastifyInstance) {
                }

                const command = new GetObjectCommand({
-                    Bucket: process.env.S3_BUCKET || "FEDEO",
+                    Bucket: secrets.S3_BUCKET,
                    Key: data.path,
                })

@@ -187,7 +188,7 @@ export default async function fileRoutes(server: FastifyInstance) {

                for (const entry of supabaseFiles) {
                    const command = new GetObjectCommand({
-                        Bucket: process.env.S3_BUCKET || "FEDEO",
+                        Bucket: secrets.S3_BUCKET,
                        Key: entry.path,
                    })

@@ -217,7 +218,7 @@ export default async function fileRoutes(server: FastifyInstance) {
                const {data,error} = await server.supabase.from("files").select("*").eq("id", id).single()

                const command = new GetObjectCommand({
-                    Bucket: process.env.S3_BUCKET || "FEDEO",
+                    Bucket: secrets.S3_BUCKET,
                    Key: data.path,
                });

@@ -256,7 +257,7 @@ export default async function fileRoutes(server: FastifyInstance) {
                        if(!key) console.log(file)

                        const command = new GetObjectCommand({
-                            Bucket: process.env.S3_BUCKET || "FEDEO",
+                            Bucket: secrets.S3_BUCKET,
                            Key: key,
                        })

--- a/src/routes/tenant.ts
+++ b/src/routes/tenant.ts
@@ -1,5 +1,6 @@
 import { FastifyInstance } from "fastify";
 import jwt from "jsonwebtoken";
+import {secrets} from "../utils/secrets";

 export default async function routes(server: FastifyInstance) {
    server.get("/tenant", async (req) => {
@@ -45,7 +46,7 @@ export default async function routes(server: FastifyInstance) {
                email: req.user.email,
                tenant_id: body.tenant_id,
            },
-            process.env.JWT_SECRET!,
+            secrets.JWT_SECRET!,
            { expiresIn: "3h" }
        );