From ebfaa7afb151488cf1c278693c42f0ff1c0bf714 Mon Sep 17 00:00:00 2001
From: HardiReady <hardi@noarch.de>
Date: Sat, 3 Feb 2018 21:41:38 +0100
Subject: [PATCH] retrieve jws token from env config

---
 api/routes/authenticate.js | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/api/routes/authenticate.js b/api/routes/authenticate.js
index e93baa5..065af01 100644
--- a/api/routes/authenticate.js
+++ b/api/routes/authenticate.js
@@ -14,8 +14,6 @@ const checkAdmin = require('../middleware/permission-check').checkAdmin;
 // HTTP status codes by name
 const codes = require('./http-codes');
 
-const config = require('../config/config');
-
 const routerHandling = require('../middleware/router-handling');
 
 const AppUserModel = require('../models/app-user');
@@ -57,12 +55,13 @@ let authCheck = (username, password, res) => {
     }
     if (user && user.activated && bcrypt.compareSync(password, user.password)) {
       // authentication successful
+      var secret = process.env.JWS_SECRET;
       deferred.resolve({
         _id: user._id,
         username: user.username,
         permission: user.permission,
         squad: user.squad,
-        token: jwt.sign({sub: user._id}, config.secret, {expiresIn: diff * 60}),
+        token: jwt.sign({sub: user._id}, secret, {expiresIn: diff * 60}),
         tokenExpireDate: new Date(Date.now().valueOf() + diff * 60000 - 1000)
       });
     } else {