docs: 更新 Docker 部署文档强调 JWT_SECRET 配置重要性

- docker-compose.yml: 添加注释说明设置固定 JWT_SECRET 可防止容器重启后登录失效 - .env.example: 添加 openssl rand -hex 32 生成安全密钥的命令
2026-01-06 09:44:54 +08:00
parent 7dbbfc22b6
commit 2920409404
2 changed files with 8 additions and 2 deletions
--- a/deploy/docker-compose.yml
+++ b/deploy/docker-compose.yml
@@ -72,7 +72,10 @@ services:
      # =======================================================================
      # JWT Configuration
      # =======================================================================
-      # Leave empty to auto-generate (recommended)
+      # IMPORTANT: Set a fixed JWT_SECRET to prevent login sessions from being
+      # invalidated after container restarts. If left empty, a random secret
+      # will be generated on each startup.
+      # Generate a secure secret: openssl rand -hex 32
      - JWT_SECRET=${JWT_SECRET:-}
      - JWT_EXPIRE_HOUR=${JWT_EXPIRE_HOUR:-24}