From 71c9b5151f42f99122e54303cd8d2220413aaba3 Mon Sep 17 00:00:00 2001
From: Alexey Golubev <alexey.golubev@onlyoffice.com>
Date: Mon, 22 Aug 2022 15:32:58 +0300
Subject: [PATCH] Enable JWT auth by default

Also generate JWT secret if it doesn't set.
---
 run-document-server.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/run-document-server.sh b/run-document-server.sh
index cfba7a0..e5f1e60 100755
--- a/run-document-server.sh
+++ b/run-document-server.sh
@@ -73,7 +73,7 @@ NGINX_CONFIG_PATH="/etc/nginx/nginx.conf"
 NGINX_WORKER_PROCESSES=${NGINX_WORKER_PROCESSES:-1}
 NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)}
 
-JWT_ENABLED=${JWT_ENABLED:-false}
+JWT_ENABLED=${JWT_ENABLED:-true}
 
 # validate user's vars before usinig in json
 if [ "${JWT_ENABLED}" == "true" ]; then
@@ -82,7 +82,7 @@ else
   JWT_ENABLED="false"
 fi
 
-JWT_SECRET=${JWT_SECRET:-secret}
+JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)}
 JWT_HEADER=${JWT_HEADER:-Authorization}
 JWT_IN_BODY=${JWT_IN_BODY:-false}