youngkingdom/coze-studio
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(plugin): enhanced AES encryption security (#533)

Browse Source
This commit is contained in:
mrh997
2025-08-04 20:03:31 +08:00
committed by GitHub
parent 36923bd0a4
commit f80d4f757b
8 changed files with 230 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docker/.env.debug.example
View File

@ -219,3 +219,10 @@ export CODE_RUNNER_MEMORY_LIMIT_MB=""
export DISABLE_USER_REGISTRATION="" # default "", if you want to disable, set to true
export ALLOW_REGISTRATION_EMAIL="" # is a list of email addresses, separated by ",". Example: "11@example.com,22@example.com"
# Plugin AES secret
# PLUGIN_AES_AUTH_SECRET is the secret of used to encrypt plugin authorization payload.
export PLUGIN_AES_AUTH_SECRET="^*6x3hdu2nc%-p38"
# PLUGIN_AES_STATE_SECRET is the secret of used to encrypt oauth state.
export PLUGIN_AES_STATE_SECRET="osj^kfhsd*(z!sno"
# PLUGIN_AES_OAUTH_TOKEN_SECRET is the secret of used to encrypt oauth refresh token and access token.
export PLUGIN_AES_OAUTH_TOKEN_SECRET="cn+$PJ(HhJ[5d*z9"

7
docker/.env.example
View File

@ -219,3 +219,10 @@ export CODE_RUNNER_MEMORY_LIMIT_MB=""
export DISABLE_USER_REGISTRATION="" # default "", if you want to disable, set to true
export ALLOW_REGISTRATION_EMAIL="" # is a list of email addresses, separated by ",". Example: "11@example.com,22@example.com"
# Plugin AES secret
# PLUGIN_AES_AUTH_SECRET is the secret of used to encrypt plugin authorization payload.
export PLUGIN_AES_AUTH_SECRET="^*6x3hdu2nc%-p38"
# PLUGIN_AES_STATE_SECRET is the secret of used to encrypt oauth state.
export PLUGIN_AES_STATE_SECRET="osj^kfhsd*(z!sno"
# PLUGIN_AES_OAUTH_TOKEN_SECRET is the secret of used to encrypt oauth refresh token and access token.
export PLUGIN_AES_OAUTH_TOKEN_SECRET="cn+$PJ(HhJ[5d*z9"