Secret key generation on the device instead of storing it in git

This commit is contained in:
Ruben van de Ven 2019-12-03 13:26:42 +01:00
parent 2a8903905e
commit 45616df16d
3 changed files with 18 additions and 3 deletions

2
.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
secret.key

View File

@ -10,6 +10,8 @@ from PIL import Image, ImageDraw, ImageFont
import numpy as np
from itertools import zip_longest
import collections
import random
import string
app = Flask(__name__, static_url_path='', static_folder="static", template_folder="templates")
@ -41,8 +43,19 @@ pathofwords = []
pathofnumbers = []
#VARS FOR THE SESSIONS
app.secret_key = 'your secret'
app.config['SESSION_TYPE'] = 'filesystem'
# We don't want to store the secret key in git, but also don't really care what it is
# so generate it and store it to a file that's not in git:
current_dir = os.path.dirname(os.path.realpath(__file__))
secret_key_file = os.path.join(current_dir, 'secret.key')
if os.path.exists(secret_key_file):
with open(secret_key_file, 'r') as fp:
secret_key = fp.read()
else:
secret_key = ''.join(random.choice(string.ascii_lowercase) for i in range(100))
with open(secret_key_file, 'w') as fp:
fp.write(secret_key)
app.secret_key = secret_key
#app.config['SESSION_TYPE'] = 'filesystem' # works only for flask-session (we use native flask cookie-sessions)
def clearSession():
# Flask sessions are serialised into a cookie, so we cannot use the deque here

View File

@ -13,7 +13,7 @@
<div id="top">
<!-- WORDPATH -->
<div id="thewordpath">
{% if functionsession %}[<a href='/clear'>x</a>]{% endif %}
{% if functionsession %}[<a href='/clear' title='Clear current score'>x</a>]{% endif %}
{% for item in functionsession %}
<span class="word">{{ item }} ▶ </span>
{% endfor %}