From 8887cb7a2650f02d186f119f94d830efa1a634b6 Mon Sep 17 00:00:00 2001
From: Evgeniy Antonyuk <antonyuk.evgenyiy@onlyoffice.com>
Date: Mon, 22 Aug 2022 20:27:10 +0300
Subject: [PATCH] Enable JWT by default and add a JWT status message (#482)

* Enable JWT by default and add a JWT status message

* Correct JWT message

* Add a condition for displaying a JWT message

* Minor correction

* Minor correction
---
 run-document-server.sh | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/run-document-server.sh b/run-document-server.sh
index cfba7a0..f18aa1c 100755
--- a/run-document-server.sh
+++ b/run-document-server.sh
@@ -73,7 +73,7 @@ NGINX_CONFIG_PATH="/etc/nginx/nginx.conf"
 NGINX_WORKER_PROCESSES=${NGINX_WORKER_PROCESSES:-1}
 NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)}
 
-JWT_ENABLED=${JWT_ENABLED:-false}
+JWT_ENABLED=${JWT_ENABLED:-true}
 
 # validate user's vars before usinig in json
 if [ "${JWT_ENABLED}" == "true" ]; then
@@ -82,7 +82,9 @@ else
   JWT_ENABLED="false"
 fi
 
-JWT_SECRET=${JWT_SECRET:-secret}
+[ -z $JWT_SECRET ] && JWT_MESSAGE="JWT is enabled by default. A random secret is generated automatically. Run the command 'docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh' to get information about JWT."
+
+JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)}
 JWT_HEADER=${JWT_HEADER:-Authorization}
 JWT_IN_BODY=${JWT_IN_BODY:-false}
 
@@ -641,3 +643,5 @@ documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER}
 
 tail -f /var/log/${COMPANY_NAME}/**/*.log &
 wait $!
+
+echo "${JWT_MESSAGE}"