add a constant hash secret to avoid 401 in vercel (#840)

packages/apps/job-launcher/server/.env.example

@@ -26,6 +26,7 @@ RECORDING_ORACLE_ADDRESS=
 REPUTATION_ORACLE_ADDRESS=
 
 # Auth
+HASH_SECRET=a328af3fc1dad15342cc3d68936008fa
 JWT_SECRET=test-secret
 JWT_ACCESS_TOKEN_EXPIRES_IN=1d
 JWT_REFRESH_TOKEN_EXPIRES_IN=1d

packages/apps/job-launcher/server/src/common/config/env.ts

@@ -6,6 +6,7 @@ export const ConfigNames = {
   PORT: 'PORT',
   FE_URL: 'FE_URL',
   SESSION_SECRET: 'SESSION_SECRET',
+  HASH_SECRET: 'HASH_SECRET',
   JWT_SECRET: 'JWT_SECRET',
   JWT_ACCESS_TOKEN_EXPIRES_IN: 'JWT_ACCESS_TOKEN_EXPIRES_IN',
   JWT_REFRESH_TOKEN_EXPIRES_IN: 'JWT_REFRESH_TOKEN_EXPIRES_IN',
@@ -52,7 +53,8 @@ export const envValidator = Joi.object({
   FE_URL: Joi.string().default('http://localhost:3005'),
   SESSION_SECRET: Joi.string().default('session_key'),
   // Auth
-  JWT_SECRET: Joi.string().default('secrete'),
+  HASH_SECRET: Joi.string().default('a328af3fc1dad15342cc3d68936008fa'),
+  JWT_SECRET: Joi.string().default('secret'),
   JWT_ACCESS_TOKEN_EXPIRES_IN: Joi.string().default(1000000000),
   JWT_REFRESH_TOKEN_EXPIRES_IN: Joi.string().default(1000000000),
   // Database

packages/apps/job-launcher/server/src/modules/auth/auth.service.ts

@@ -24,7 +24,7 @@ import { TokenRepository } from './token.repository';
 import { AuthRepository } from './auth.repository';
 import { ConfigNames } from '../../common/config';
 import { ConfigService } from '@nestjs/config';
-import { createHash, randomBytes } from 'crypto';
+import { createHash } from 'crypto';
 import { SendGridService } from '../sendgrid/sendgrid.service';
 
 @Injectable()
@@ -47,7 +47,10 @@ export class AuthService {
       '100000000',
     );
 
-    this.salt = randomBytes(16).toString('hex');
+    this.salt = this.configService.get<string>(
+      ConfigNames.HASH_SECRET,
+      'a328af3fc1dad15342cc3d68936008fa',
+    );
     this.feURL = this.configService.get<string>(
       ConfigNames.FE_URL,
       'http://localhost:3005',