From e7fc8553fb28a0755f4cb62698249eef0970c75f Mon Sep 17 00:00:00 2001
From: Sergey Bolshakov <sevibolshakov@beeline.ru>
Date: Tue, 10 Mar 2026 21:40:18 +0300
Subject: [PATCH] =?UTF-8?q?env=20=D1=84=D0=B0=D0=B9=D0=BB=D1=8B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/auth/auth.module.ts  | 12 ++++++++----
 src/auth/auth.service.ts |  4 +++-
 src/auth/constants.ts    |  1 -
 3 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/src/auth/auth.module.ts b/src/auth/auth.module.ts
index f9d1f06..b03dd85 100644
--- a/src/auth/auth.module.ts
+++ b/src/auth/auth.module.ts
@@ -1,5 +1,5 @@
 import { Module } from '@nestjs/common';
-import { ConfigModule } from '@nestjs/config';
+import { ConfigModule, ConfigService } from '@nestjs/config';
 import { AuthService } from './auth.service';
 import { AuthController } from './auth.controller';
 import { UsersModule } from '../users/users.module';
@@ -13,9 +13,13 @@ import { RefreshTokenStoreService } from './refresh-token-store.service';
   imports: [
     ConfigModule,
     UsersModule,
-    JwtModule.register({
-      secret: jwtConstants.secret,
-      signOptions: { expiresIn: jwtConstants.accessTokenExpiresIn },
+    JwtModule.registerAsync({
+      imports: [ConfigModule],
+      useFactory: (configService: ConfigService) => ({
+        secret: configService.get<string>('JWT_SECRET'),
+        signOptions: { expiresIn: jwtConstants.accessTokenExpiresIn },
+      }),
+      inject: [ConfigService],
     }),
   ],
   controllers: [AuthController],
diff --git a/src/auth/auth.service.ts b/src/auth/auth.service.ts
index fcbdee5..e2ca9c1 100644
--- a/src/auth/auth.service.ts
+++ b/src/auth/auth.service.ts
@@ -7,6 +7,7 @@ import {
 } from '@nestjs/common';
 import { UsersService } from '../users/users.service';
 import { User } from 'src/users/user.entity';
+import { ConfigService } from '@nestjs/config';
 import { JwtService } from '@nestjs/jwt';
 import { VerificationStoreService } from './verification-store.service';
 import { SmsService } from './sms.service';
@@ -24,6 +25,7 @@ export class AuthService {
   constructor(
     private usersService: UsersService,
     private jwtService: JwtService,
+    private configService: ConfigService,
     private verificationStore: VerificationStoreService,
     private smsService: SmsService,
     private refreshTokenStore: RefreshTokenStoreService,
@@ -108,7 +110,7 @@ export class AuthService {
       throw new BadRequestException('Недействительный или просроченный refresh token');
     }
     try {
-      this.jwtService.verify(refreshToken, { secret: jwtConstants.secret });
+      this.jwtService.verify(refreshToken, { secret: this.configService.get<string>('JWT_SECRET') });
     } catch {
       this.refreshTokenStore.remove(refreshToken);
       throw new BadRequestException('Недействительный refresh token');
diff --git a/src/auth/constants.ts b/src/auth/constants.ts
index 5a0f092..5c3e9ef 100644
--- a/src/auth/constants.ts
+++ b/src/auth/constants.ts
@@ -1,5 +1,4 @@
 export const jwtConstants = {
-  secret: '6by876hiuGHiugiuG8t78t87tGUYUYg8u7g87',
   /** Access token: 15 минут (в секундах) */
   accessTokenExpiresIn: 15 * 60,
   /** Refresh token: 30 дней (в секундах) */