diff options
| author | erdgeist <erdgeist@erdgeist.org> | 2025-01-06 03:11:42 +0100 |
|---|---|---|
| committer | erdgeist <erdgeist@erdgeist.org> | 2025-01-06 03:11:42 +0100 |
| commit | 780835e52c009f2ecbeca79f656b04577b8fcd64 (patch) | |
| tree | 31b9165f8b6528392fe8bb87434a569ecf458756 | |
| parent | 9498dc9d788c222485b8af64860128b4d33bb039 (diff) | |
Enforce a server secret in production
| -rw-r--r-- | config.json | 1 | ||||
| -rwxr-xr-x | halfnarp2.py | 7 |
2 files changed, 7 insertions, 1 deletions
diff --git a/config.json b/config.json index d34e97b..ab6374e 100644 --- a/config.json +++ b/config.json | |||
| @@ -1,5 +1,6 @@ | |||
| 1 | { | 1 | { |
| 2 | "server-name": "halfnarp.events.ccc.de", | 2 | "server-name": "halfnarp.events.ccc.de", |
| 3 | "server-secret": "<YOUR SERVER SECRET HERE>", | ||
| 3 | "host": "127.0.0.1", | 4 | "host": "127.0.0.1", |
| 4 | "port": 5023, | 5 | "port": 5023, |
| 5 | "websocket-host": "localhost", | 6 | "websocket-host": "localhost", |
diff --git a/halfnarp2.py b/halfnarp2.py index a6f4d1c..f13f967 100755 --- a/halfnarp2.py +++ b/halfnarp2.py | |||
| @@ -268,7 +268,12 @@ if __name__ == "__main__": | |||
| 268 | ) | 268 | ) |
| 269 | app.config["SQLALCHEMY_TRACK_MODIFICATIONS"] = False | 269 | app.config["SQLALCHEMY_TRACK_MODIFICATIONS"] = False |
| 270 | app.config["SERVER_NAME"] = config.get("server-name", "localhost") | 270 | app.config["SERVER_NAME"] = config.get("server-name", "localhost") |
| 271 | app.config["SECRET_KEY"] = "<YOUR SERVER SECRET HERE>" | 271 | app.config["SECRET_KEY"] = config.get("server-secret", "<YOUR SERVER SECRET HERE>") |
| 272 | |||
| 273 | if app.config["SECRET_KEY"] == "<YOUR SERVER SECRET HERE>": | ||
| 274 | print ("You must set the server-secret in your config.json") | ||
| 275 | sys.exit(1) | ||
| 276 | |||
| 272 | app.jinja_env.trim_blocks = True | 277 | app.jinja_env.trim_blocks = True |
| 273 | app.jinja_env.lstrip_blocks = True | 278 | app.jinja_env.lstrip_blocks = True |
| 274 | CORS() | 279 | CORS() |