From 238a813cccc6f689142539e3e593fe8dd17c85bc Mon Sep 17 00:00:00 2001
From: Damien De Paoli <ddp@depaoli.id.au>
Date: Mon, 13 Sep 2021 17:55:49 +1000
Subject: [PATCH] fix BUG-50, remove secret_token use, it caused every new
 instance of Flask to auth - mild irritation, BUT, caused each gunicorn thread
 to have a different key -- this does not work, back to a random static val
 and live with it

---
 main.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/main.py b/main.py
index 8be4194..cc6ec24 100644
--- a/main.py
+++ b/main.py
@@ -8,7 +8,6 @@ from flask_wtf import FlaskForm
 import os
 import re
 import socket
-import secrets
 from status import st, Status
 from shared import CreateSelect, CreateFoldersSelect, LocationIcon, DB_URL, PROD_HOST
 
@@ -29,7 +28,7 @@ app = Flask(__name__)
 app.config['SQLALCHEMY_DATABASE_URI'] = DB_URL
 app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
 app.config['ENV'] = os.environ['FLASK_ENV']
-app.config['SECRET_KEY'] = secrets.token_bytes(64)
+app.config['SECRET_KEY'] = b'my_insecure_PA_token_with_random_2134876adsfjhlkasdf87'
 
 # ldap config vars: (the last one is required, or python ldap freaks out)
 app.config['LDAP_HOST'] = 'mara.ddp.net'