security: redigir senha de DB e JWT_SECRET em test-db2.js e EXEMPLO-ENV.txt (T5.6 cont.)

test-db2.js usava DB_PASSWORD e machine_token hardcoded -> process.env.
EXEMPLO-ENV.txt tinha o JWT_SECRET real -> placeholder. Rotação ainda mandatória.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
VPS 4 Deploy Agent
2026-06-12 21:21:32 +02:00
parent 4616f20df9
commit 2b679a5473
2 changed files with 5 additions and 5 deletions
+3 -3
View File
@@ -9,9 +9,9 @@
PORT=3000 PORT=3000
NODE_ENV=production NODE_ENV=production
# Chaves JWT geradas (64 caracteres hex cada) # Chaves JWT gerar e DEFINIR NO .secrets (fora do git). NÃO commitar valores reais.
JWT_SECRET=9f8e7d6c5b4a39281802384f5e6d7c8b9a0b1c2d3e4f5a6b7c8d9e0f1a2b3c4d5 JWT_SECRET=__DEFINIR_NO_.secrets__
SESSION_SECRET=a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0 SESSION_SECRET=__DEFINIR_NO_.secrets__
# Configure seu MySQL (AJUSTE APENAS A SENHA!) # Configure seu MySQL (AJUSTE APENAS A SENHA!)
DB_HOST=localhost DB_HOST=localhost
+2 -2
View File
@@ -3,12 +3,12 @@ const pool = new Pool({
host: '10.99.0.3', host: '10.99.0.3',
port: 5432, port: 5432,
user: 'clube67', user: 'clube67',
password: 'clube67_db_pass_9903', password: process.env.DB_PASSWORD, // NÃO hardcodar segredo
database: 'dental_images' database: 'dental_images'
}); });
async function test() { async function test() {
const token = 'bab18d5a-09af-4759-b742-4e1eeb651694'; const token = process.env.TEST_MACHINE_TOKEN || ''; // não hardcodar machine_token
const email = 'ruibto@gmail.com'; const email = 'ruibto@gmail.com';
console.log("Looking up token:", token); console.log("Looking up token:", token);
const res = await pool.query(`SELECT * FROM clinics_devices WHERE machine_token = $1`, [token]); const res = await pool.query(`SELECT * FROM clinics_devices WHERE machine_token = $1`, [token]);