From b443c28e4be5c6993d4c36895e0d87345b995473 Mon Sep 17 00:00:00 2001
From: Tom Butcher <thomasbutcher15@gmail.com>
Date: Sat, 13 Dec 2025 23:54:29 +0000
Subject: [PATCH] Updated secrets held in env vars.

---
 .env.example  | 11 ++---------
 config.json   | 12 ++++--------
 src/config.js | 22 +++++++++++++++++++++-
 3 files changed, 27 insertions(+), 18 deletions(-)

diff --git a/.env.example b/.env.example
index 1189668..fc8d373 100644
--- a/.env.example
+++ b/.env.example
@@ -1,9 +1,2 @@
-DB_LINK="mongo-link-to-connect"
-
-JWT_SECRET="token"
-
-APP_URL_CLIENT=https://material-dashboard-react-node.creative-tim.com
-APP_URL_API=https://node-json-api-free.creative-tim.com/login
-
-MAILTRAP_USER=
-MAILTRAP_PASSWORD=
\ No newline at end of file
+SESSION_SECRET='SECRET'
+KEYCLOAK_CLIENT_SECRET='SECRET'
\ No newline at end of file
diff --git a/config.json b/config.json
index 5eb5531..869c0f2 100644
--- a/config.json
+++ b/config.json
@@ -9,11 +9,9 @@
       "keycloak": {
         "url": "https://auth.tombutcher.work",
         "realm": "master",
-        "clientId": "farmcontrol-client",
-        "clientSecret": "REDACTED"
+        "clientId": "farmcontrol-client"
       },
-      "requiredRoles": [],
-      "sessionSecret": "REDACTED"
+      "requiredRoles": []
     },
     "app": {
       "urlClient": "http://localhost:3000",
@@ -60,11 +58,9 @@
       "keycloak": {
         "url": "https://auth.tombutcher.work",
         "realm": "master",
-        "clientId": "farmcontrol-client",
-        "clientSecret": "REDACTED"
+        "clientId": "farmcontrol-client"
       },
-      "requiredRoles": [],
-      "sessionSecret": "REDACTED"
+      "requiredRoles": []
     },
     "app": {
       "urlClient": "http://localhost:3000",
diff --git a/src/config.js b/src/config.js
index 5c2e15a..c60407e 100644
--- a/src/config.js
+++ b/src/config.js
@@ -25,7 +25,27 @@ function loadConfig() {
       throw new Error(`Configuration for environment '${NODE_ENV}' not found in config.json`);
     }
 
-    return config[NODE_ENV];
+    const envConfig = config[NODE_ENV];
+
+    // Override secrets with environment variables if available
+    if (process.env.KEYCLOAK_CLIENT_SECRET) {
+      if (!envConfig.auth) {
+        envConfig.auth = {};
+      }
+      if (!envConfig.auth.keycloak) {
+        envConfig.auth.keycloak = {};
+      }
+      envConfig.auth.keycloak.clientSecret = process.env.KEYCLOAK_CLIENT_SECRET;
+    }
+
+    if (process.env.SESSION_SECRET) {
+      if (!envConfig.auth) {
+        envConfig.auth = {};
+      }
+      envConfig.auth.sessionSecret = process.env.SESSION_SECRET;
+    }
+
+    return envConfig;
   } catch (err) {
     console.error('Error loading config:', err);
     throw err;