Updated the secret key logic

angular/index.html

@@ -8,5 +8,5 @@
 <link rel="stylesheet" href="styles.7e944f30e4357f41ed14.css"></head>
 <body>
   <rtl-app></rtl-app>
-<script type="text/javascript" src="runtime.ec2944dd8b20ec099bf3.js"></script><script type="text/javascript" src="polyfills.418928a701f2040ada02.js"></script><script type="text/javascript" src="main.efff2a0803223cb3565a.js"></script></body>
+<script type="text/javascript" src="runtime.ec2944dd8b20ec099bf3.js"></script><script type="text/javascript" src="polyfills.418928a701f2040ada02.js"></script><script type="text/javascript" src="main.dc5615cdea2d3a3a2e6c.js"></script></body>
 </html>

app.js

@@ -24,7 +24,7 @@ const switchRoutes = require("./routes/switch");
 const baseHref = '/rtl/';
 const apiRoot = baseHref + 'api/';
 
-app.use(cookieParser(common.cookieParserSecret));
+app.use(cookieParser(common.secret_key));
 app.use(bodyParser.json());
 app.use(bodyParser.urlencoded({ extended: false }));
 app.use(baseHref, express.static(path.join(__dirname, "angular")));

common.js

@@ -16,7 +16,7 @@ common.rtl_sso = 0;
 common.rtl_cookie_path = '';
 common.logout_redirect_link = '/login';
 common.cookie = '';
-common.cookieParserSecret = crypto.randomBytes(64).toString('hex');
+common.secret_key = crypto.randomBytes(64).toString('hex');
 
 common.convertToBTC = (num) => {
 	return (num / 100000000).toFixed(6);
@@ -49,4 +49,4 @@ common.newestOnTop = (array, key, value) => {
     return array;
 }
 
-module.exports = common;
+module.exports = common;

connect.js

@@ -282,4 +282,4 @@ const configFileExists = () => {
   }
 }
 configFileExists();
-module.exports = options;
+module.exports = options;

controllers/authenticate.js

@@ -32,7 +32,7 @@ exports.authenticateUser = (req, res, next) => {
     if (common.cookie === access_key) {
       const token = jwt.sign(
         { user: 'Custom_User', lndConfigPath: common.lnd_config_path, macaroonPath: common.macaroon_path },
-        'default_secret_key'
+        common.secret_key
       );
       res.status(200).json({ token: token });
     } else {
@@ -48,7 +48,7 @@ exports.authenticateUser = (req, res, next) => {
         var rpcUser = 'Custom_User';
         const token = jwt.sign(
           { user: rpcUser, lndConfigPath: common.lnd_config_path, macaroonPath: common.macaroon_path },
-          'default_secret_key'
+          common.secret_key
         );
         res.status(200).json({ token: token });
       } else {
@@ -72,7 +72,7 @@ exports.authenticateUser = (req, res, next) => {
               var rpcUser = (undefined !== jsonLNDConfig.Bitcoind['bitcoind.rpcuser']) ? jsonLNDConfig.Bitcoind['bitcoind.rpcuser'] : '';
               const token = jwt.sign(
                 { user: rpcUser, lndConfigPath: common.lnd_config_path, macaroonPath: common.macaroon_path },
-                'default_secret_key'
+                common.secret_key
               );
               res.status(200).json({ token: token });
             } else {

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "rtl",
-  "version": "0.2.9-beta",
+  "version": "0.2.11-beta",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "rtl",
-  "version": "0.2.9-beta",
+  "version": "0.2.11-beta",
   "license": "MIT",
   "scripts": {
     "ng": "ng",
@@ -33,8 +33,8 @@
     "@swimlane/ngx-charts": "^10.0.0",
     "angular-user-idle": "^2.0.0",
     "angularx-qrcode": "^1.5.3",
-    "atob": "^2.1.2",
     "cookie-parser": "^1.4.4",
+    "atob": "^2.1.2",
     "core-js": "^2.5.4",
     "express": "^4.16.4",
     "hammerjs": "^2.0.8",

routes/authCheck.js

@@ -1,9 +1,10 @@
 const jwt = require("jsonwebtoken");
+var common = require('../common');
 
 module.exports = (req, res, next) => {
   try {
     const token = req.headers.authorization.split(" ")[1];
-    jwt.verify(token, "default_secret_key");
+    jwt.verify(token, common.secret_key);
     next();
   } catch (error) {
     res.status(401).json({