From ff4ef4363b604111e7e6f92fb0d7c32d0010463f Mon Sep 17 00:00:00 2001 From: johndoe6345789 Date: Tue, 10 Mar 2026 13:45:20 +0000 Subject: [PATCH] fix(ci): lazy-init JWT secret to avoid build-time crash in postgres frontend The JWT_SECRET env var was evaluated at module load time, causing Next.js static page generation to fail in CI where the variable is not set. Co-Authored-By: Claude Opus 4.6 --- frontends/postgres/src/utils/session.ts | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/frontends/postgres/src/utils/session.ts b/frontends/postgres/src/utils/session.ts index 56a0baa60..1a8e7735c 100644 --- a/frontends/postgres/src/utils/session.ts +++ b/frontends/postgres/src/utils/session.ts @@ -3,19 +3,20 @@ import { cookies } from 'next/headers'; const SESSION_COOKIE_NAME = 'admin-session'; -// Get JWT secret and throw error if not provided +// Get JWT secret lazily to avoid build-time errors during static page generation +let _jwtSecret: Uint8Array | null = null; + function getJwtSecret(): Uint8Array { - const secret = process.env.JWT_SECRET; - - if (!secret) { - throw new Error('JWT_SECRET environment variable is required'); + if (!_jwtSecret) { + const secret = process.env.JWT_SECRET; + if (!secret) { + throw new Error('JWT_SECRET environment variable is required'); + } + _jwtSecret = new TextEncoder().encode(secret); } - - return new TextEncoder().encode(secret); + return _jwtSecret; } -const JWT_SECRET = getJwtSecret(); - export type SessionData = { userId: number; username: string; @@ -26,7 +27,7 @@ export async function createSession(data: SessionData): Promise { .setProtectedHeader({ alg: 'HS256' }) .setIssuedAt() .setExpirationTime('24h') - .sign(JWT_SECRET); + .sign(getJwtSecret()); return token; } @@ -51,7 +52,7 @@ export async function getSession(): Promise { } try { - const { payload } = await jwtVerify(token, JWT_SECRET); + const { payload } = await jwtVerify(token, getJwtSecret()); return payload as SessionData; } catch { return null;