The JWT key used to encrypt user tokens should be moved from appsettings to usersecrets.
An example on how to do that can be found at: https://dev.to/eduardstefanescu/jwt-authentication-with-symmetric-encryption-in-asp-net-core-2i53
The rough steps are outlined here:
- Enable user secrets:
  dotnet user-secrets init
- Generate a random key and set it in user settings:
  dotnet user-secrets set "JavaWebTokenSettings:EncryptionKey" "$(openssl rand -base64 32)"
Tasks for this issue:
- Move key from appsettings to usersecrets
- Update project documentation to include the key generation step
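
A startup check that could accompany the move, added here as an example and not taken from the project's code: it reads the key from configuration, which is where user secrets surface at run time, and refuses to start when the key is missing or malformed. The `JwtKeyLoader` and `Demo` names are hypothetical, and the code assumes the application consumes the stored value as a base64-encoded 32-byte key.

```csharp
using System;
using System.Collections.Generic;
using Microsoft.Extensions.Configuration;

public static class JwtKeyLoader
{
    // Configuration path used by the `dotnet user-secrets set` step in this issue.
    public const string KeyPath = "JavaWebTokenSettings:EncryptionKey";
    private const int ExpectedBytes = 32; // `openssl rand -base64 32` encodes 32 raw bytes

    // Assumption: the application consumes the secret as base64-decoded key bytes.
    public static byte[] Load(IConfiguration config)
    {
        string? encoded = config[KeyPath];
        if (string.IsNullOrWhiteSpace(encoded))
            throw new InvalidOperationException(
                $"{KeyPath} is not configured; run the key generation step first.");

        byte[] key;
        try { key = Convert.FromBase64String(encoded); }
        catch (FormatException)
        { throw new InvalidOperationException($"{KeyPath} is not valid base64."); }

        if (key.Length != ExpectedBytes)
            throw new InvalidOperationException(
                $"{KeyPath} decodes to {key.Length} bytes, expected {ExpectedBytes}.");
        return key;
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample value; in Development the real one comes from user secrets,
        // which WebApplication.CreateBuilder loads when the project has a UserSecretsId.
        var values = new Dictionary<string, string?>
        {
            [JwtKeyLoader.KeyPath] = Convert.ToBase64String(new byte[32])
        };
        IConfiguration present = new ConfigurationBuilder().AddInMemoryCollection(values).Build();
        Console.WriteLine($"Loaded key of {JwtKeyLoader.Load(present).Length} bytes");

        // After the key is removed from appsettings, a machine without the secret fails fast.
        IConfiguration missing = new ConfigurationBuilder().Build();
        try { JwtKeyLoader.Load(missing); }
        catch (InvalidOperationException ex) { Console.WriteLine($"Startup refused: {ex.Message}"); }
    }
}
```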