From 00817ca13a9be1d9a124d623d11e1df4a9b7a425 Mon Sep 17 00:00:00 2001
From: Steve Cassidy <steve.cassidy@mq.edu.au>
Date: Mon, 20 May 2024 22:26:48 +1000
Subject: [PATCH] replace hard coded secret with uuid

Signed-off-by: Steve Cassidy <steve.cassidy@mq.edu.au>
---
 src/buildconfig.ts | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/buildconfig.ts b/src/buildconfig.ts
index 07e754fc..ba6cb6eb 100644
--- a/src/buildconfig.ts
+++ b/src/buildconfig.ts
@@ -19,6 +19,7 @@
  *   which server to use and whether to include test data
  */
 
+import {v4 as uuidv4} from 'uuid';
 import nodemailer from 'nodemailer';
 
 const TRUTHY_STRINGS = ['true', '1', 'on', 'yes'];
@@ -183,8 +184,8 @@ function instance_name(): string {
 function cookie_secret(): string {
   const cookie = process.env.FAIMS_COOKIE_SECRET;
   if (cookie === '' || cookie === undefined) {
-    console.log('FAIMS_COOKIE_SECRET not set, using default');
-    return 'ahquoo4ohfaGh1oozoinai9ulah8ouge';
+    console.log('FAIMS_COOKIE_SECRET not set, using generated secret');
+    return uuidv4();
   } else {
     return cookie;
   }