node: allow JWT pass by file only #24579 (#1035)

2026-06-19 21:31:37 +00:00 · 2025-05-16 12:01:36 +08:00 · 2025-05-16 12:01:36 +08:00 · c145287e87
commit c145287e87
parent d81a5b6be1
2 changed files with 3 additions and 12 deletions
--- a/cmd/utils/flags.go
+++ b/cmd/utils/flags.go
@ -418,7 +418,7 @@ var (
 	}
 	JWTSecretFlag = &cli.StringFlag{
 		Name:     "authrpc-jwtsecret",
-		Usage:    "JWT secret (or path to a jwt secret) to use for authenticated RPC endpoints",
+		Usage:    "Path to a JWT secret to use for authenticated RPC endpoints",
 		Category: flags.APICategory,
 	}

--- a/node/node.go
+++ b/node/node.go
@ -354,17 +354,8 @@ func (n *Node) closeDataDir() {
 // or from the default location. If neither of those are present, it generates
 // a new secret and stores to the default location.
 func (n *Node) obtainJWTSecret(cliParam string) ([]byte, error) {
-	var fileName string
-	if len(cliParam) > 0 {
-		// If a plaintext secret was provided via cli flags, use that
-		jwtSecret := common.FromHex(cliParam)
-		if len(jwtSecret) == 32 && strings.HasPrefix(cliParam, "0x") {
-			log.Warn("Plaintext JWT secret provided, please consider passing via file")
-			return jwtSecret, nil
-		}
-		// path provided
-		fileName = cliParam
-	} else {
+	fileName := cliParam
+	if len(fileName) == 0 {
 		// no path provided, use default
 		fileName = n.ResolvePath(datadirJWTKey)
 	}