From 45616df16da34b170cc290ae88abac94a8b6dc32 Mon Sep 17 00:00:00 2001
From: Ruben van de Ven
Date: Tue, 3 Dec 2019 13:26:42 +0100
Subject: [PATCH] Secret key generation on the device instead of storing it in git
---
 .gitignore | 2 ++
 contextualise.py | 17 +++++++++++++++--
 templates/layout.html | 2 +-
 3 files changed, 18 insertions(+), 3 deletions(-)
 create mode 100644 .gitignore
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..840a053
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+secret.key
+
diff --git a/contextualise.py b/contextualise.py
index 4aaaf56..24803f6 100644
--- a/contextualise.py
+++ b/contextualise.py
@@ -10,6 +10,8 @@ from PIL import Image, ImageDraw, ImageFont
 import numpy as np
 from itertools import zip_longest
 import collections
+import random
+import string
 app = Flask(__name__, static_url_path='', static_folder="static", template_folder="templates")
@@ -41,8 +43,19 @@ pathofwords = []
 pathofnumbers = [] #VARS FOR THE SESSIONS
-app.secret_key = 'your secret'
-app.config['SESSION_TYPE'] = 'filesystem'
+# We don't want to store the secret key in git, but also don't really care what it is
+# so generate it and store it to a file that's not in git:
+current_dir = os.path.dirname(os.path.realpath(__file__))
+secret_key_file = os.path.join(current_dir, 'secret.key')
+if os.path.exists(secret_key_file):
+ with open(secret_key_file, 'r') as fp:
+ secret_key = fp.read()
+else:
+ secret_key = ''.join(random.choice(string.ascii_lowercase) for i in range(100))
+ with open(secret_key_file, 'w') as fp:
+ fp.write(secret_key)
+app.secret_key = secret_key
+#app.config['SESSION_TYPE'] = 'filesystem' # works only for flask-session (we use native flask cookie-sessions)
 def clearSession(): # Flask sessions are serialised into a cookie, so we cannot use the deque here
diff --git a/templates/layout.html b/templates/layout.html
index c2277ce..27b991f 100644
--- a/templates/layout.html
+++ b/templates/layout.html
@@ -13,7 +13,7 @@
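Review bot: In the `else:` branch of the second `contextualise.py` hunk the key is built with `random.choice`, which draws from Python's Mersenne Twister generator and is not intended for secrets; because `app.secret_key` signs the cookie sessions this app relies on, it should come from the OS CSPRNG, e.g. `secret_key = secrets.token_hex(32)` with `import secrets` in place of the `import random` / `import string` lines added in the first hunk. The file is also created with a plain `open(secret_key_file, 'w')`, so its mode follows the process umask and the key may end up readable by other local accounts; `fd = os.open(secret_key_file, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)` followed by `with os.fdopen(fd, 'w') as fp:` creates it owner-only. A `secret.key` already generated by this version should be deleted once so that it is regenerated from the stronger source. `os` is used without a new import, so it is presumably already imported above the hunk.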
- {% if functionsession %}[x]{% endif %} + {% if functionsession %}[x]{% endif %} {% for item in functionsession %} {{ item }} ▶ {% endfor %}