remove sensitive config

server/authjs-handler.ts

@@ -17,9 +17,6 @@ import { env } from "./env.js";
 import { getDbClient } from "../database/index.js";
 import { JWT } from "@auth/core/jwt";
 
-const POSTGRES_CONNECTION_STRING =
-  "postgres://neondb_owner:npg_sOVmj8vWq2zG@ep-withered-king-adiz9gpi-pooler.c-2.us-east-1.aws.neon.tech:5432/neondb?sslmode=require&channel_binding=true";
-
 if (!globalThis.crypto) {
   /**
    * Polyfill needed if Auth.js code runs on node18
@@ -40,7 +37,7 @@ const authjsConfig = {
   // ),
   trustHost: true,
   // TODO: Replace secret {@see https://authjs.dev/reference/core#secret}
-  secret: "buginoo",
+  secret: env.AUTHJS_SECRET,
   providers: [
     // TODO: Choose and implement providers
     // CredentialsProvider({
@@ -64,15 +61,15 @@ const authjsConfig = {
     //   },
     // }),
     GoogleProvider({
-      clientId:
-        "697711350664-t6237s5n3ttjd1npp1qif1aupptkr0va.apps.googleusercontent.com",
-      clientSecret: "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",
+      clientId: env.GOOGLE_CLIENT_ID,
+      clientSecret: env.GOOGLE_CLIENT_SECRET,
     }),
   ],
   callbacks: {
     async signIn({ user, account, profile }) {
       if (typeof user?.email !== "string") return false;
-      const dbClient = await getDbClient(POSTGRES_CONNECTION_STRING);
+      //@ts-ignore
+      const dbClient = await getDbClient(env.POSTGRES_CONNECTION_STRING);
       let userFromDb = await dbClient
         .selectFrom("users")
         .selectAll()
@@ -98,7 +95,8 @@ const authjsConfig = {
     },
     jwt: async ({ token }) => {
       if (typeof token?.email !== "string") return token;
-      const dbClient = await getDbClient(POSTGRES_CONNECTION_STRING);
+      //@ts-ignore
+      const dbClient = await getDbClient(env.POSTGRES_CONNECTION_STRING);
       let userFromDb = await dbClient
         .selectFrom("users")
         .selectAll()

server/trpc-handler.ts

@@ -27,7 +27,7 @@ export const trpcHandler = ((endpoint) => (request, context, runtime) => {
       );
       const jwt = await getToken({
         req,
-        secret: "buginoo",
+        secret: processEnv.AUTHJS_SECRET,
         /** Needed to specify cookie name because for some reason in production
          * it wasn't reading the correct cookie but in development it was. It
          * was not straightforward to fix the name of the cookie in