From 8d2c1b97ab97c882c46a5b05afbe01ae84843044 Mon Sep 17 00:00:00 2001
From: Simon Willison <swillison@gmail.com>
Date: Tue, 7 Sep 2021 21:56:48 -0700
Subject: [PATCH] Persist cookie signing secret across restarts, closes #69

---
 main.js | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/main.js b/main.js
index 4843aae..5662e2d 100644
--- a/main.js
+++ b/main.js
@@ -21,6 +21,8 @@ const util = require("util");
 const execFile = util.promisify(cp.execFile);
 const mkdir = util.promisify(fs.mkdir);
 
+const RANDOM_SECRET = crypto.randomBytes(32).toString("hex");
+
 function configureWindow(window) {
   window.webContents.on("will-navigate", function (event, reqUrl) {
     // Links to external sites should open in system browser
@@ -129,6 +131,7 @@ class DatasetteServer {
       const process = cp.spawn(datasette_bin, this.serverArgs(), {
         env: {
           DATASETTE_API_TOKEN: this.apiToken,
+          DATASETTE_SECRET: RANDOM_SECRET,
         },
       });
       this.process = process;