Fix various bugs (#37096)

* Fix #36001 * Fix #35498 * Fix #35395 * Fix #35160 * Fix #35058 * Fix #35445
2026-05-25 16:08:46 +09:00 · 2026-04-04 04:03:59 +08:00
parent f9f9876f2c
commit 2c2d7e6f64
18 changed files with 113 additions and 78 deletions
--- a/modules/generate/generate.go
+++ b/modules/generate/generate.go
@@ -54,13 +54,13 @@ func DecodeJwtSecretBase64(src string) ([]byte, error) {
 }

 // NewJwtSecretWithBase64 generates a jwt secret with its base64 encoded value intended to be used for saving into config file
-func NewJwtSecretWithBase64() ([]byte, string, error) {
+func NewJwtSecretWithBase64() ([]byte, string) {
 	bytes := make([]byte, defaultJwtSecretLen)
-	_, err := io.ReadFull(rand.Reader, bytes)
+	_, err := rand.Read(bytes)
 	if err != nil {
-		return nil, "", err
+		panic(err) // rand.Read never fails
 	}
-	return bytes, base64.RawURLEncoding.EncodeToString(bytes), nil
+	return bytes, base64.RawURLEncoding.EncodeToString(bytes)
 }

 // NewSecretKey generate a new value intended to be used by SECRET_KEY.
--- a/modules/generate/generate_test.go
+++ b/modules/generate/generate_test.go
@@ -25,10 +25,12 @@ func TestDecodeJwtSecretBase64(t *testing.T) {
 }

 func TestNewJwtSecretWithBase64(t *testing.T) {
-	secret, encoded, err := NewJwtSecretWithBase64()
-	assert.NoError(t, err)
+	secret, encoded := NewJwtSecretWithBase64()
 	assert.Len(t, secret, 32)
 	decoded, err := DecodeJwtSecretBase64(encoded)
 	assert.NoError(t, err)
 	assert.Equal(t, secret, decoded)
+
+	secret2, _ := NewJwtSecretWithBase64()
+	assert.NotEqual(t, secret, secret2)
 }