Code Room
Code reviewMedium
Question
Review this Node config module for the JWT signing secret.
What a strong answer looks like
Separate real bugs from style. Rank issues by severity, point at the root cause rather than the symptom, and suggest a concrete fix — specific and kind.
Learn the concepts
const jwt = require('jsonwebtoken'); const JWT_SECRET = process.env.JWT_SECRET || 'dev-secret-change-me'; function sign(payload) { return jwt.sign(payload, JWT_SECRET, { algorithm: 'HS256', expiresIn: '7d' });} function verify(token) { return jwt.verify(token, JWT_SECRET, { algorithms: ['HS256'] });} module.exports = { sign, verify, JWT_SECRET };Run or narrate your approach, then ask the coach.