JWT_SECRET Empty String Fallback Exposes Backend to Token Forgery Risk
A critical authentication bypass vector has been identified in the backend configuration, where JWT_SECRET defaults to an empty string when it is not explicitly set. The defect lives in backend/src/config/env.js and allows an attacker to forge valid JWT tokens without knowing the intended secret key, effectively bypassing session authentication across the application.
The core issue is that an empty string is a valid HMAC signing key in most JWT libraries: signing and verification succeed with it exactly as they would with any other key. When the server is deployed without JWT_SECRET configured, the application silently accepts this insecure default instead of rejecting the configuration outright. backend/src/server.js compounds the problem because it performs no startup validation that would catch a missing or insufficiently strong secret. Three files are directly implicated: env.js, server.js, and .env.example.
The proposed fix mandates strict validation at server startup. It requires removing the empty-string fallback from env.js, adding explicit validation in server.js that throws an error if JWT_SECRET is missing or shorter than 32 characters, and updating .env.example to document the requirement clearly. The acceptance criteria specify that the server must refuse to start entirely when presented with an invalid configuration, emitting a clear startup error rather than proceeding in an insecure state. This represents a common but frequently overlooked class of supply chain misconfiguration in authentication systems.