botserver/src/meet/webinar.rs at de017241f2cc8b023dc15e4fbfb7b88e7b3b9dd4 - GeneralBots/botserver - General Bots: Errar é humano. Ass.: General Bots.

GeneralBots/botserver

Rodrigo Rodriguez e143968179 feat: Add JWT secret rotation and health verification

SEC-02: Implement credential rotation security improvements

- Add JWT secret rotation to rotate-secret command
- Generate 64-character HS512-compatible secrets
- Automatic .env backup with timestamp
- Atomic file updates via temp+rename pattern
- Add health verification for rotated credentials
- Route rotate-secret, rotate-secrets, vault commands in CLI
- Add verification attempts for database and JWT endpoints

Security improvements:
- JWT_SECRET now rotatable (previously impossible)
- Automatic rollback via backup files
- Health checks catch configuration errors
- Clear warnings about token invalidation

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

2026-02-19 19:42:41 +00:00

3 lines

69 B

Rust

Raw Blame History

	`use crate::meet::webinar_api::*;`
	`use crate::meet::webinar_types::*;`