fix BUG-50, remove secret_token use, it caused every new instance of Flask to auth - mild irritation, BUT, caused each gunicorn thread to have a different key -- this does not work, back to a random static val and live with it

2021-09-13 17:55:49 +10:00
parent 5bb2195239
commit 238a813ccc
1 changed files with 1 additions and 2 deletions
--- a/main.py
+++ b/main.py
@@ -8,7 +8,6 @@ from flask_wtf import FlaskForm
 import os
 import re
 import socket
-import secrets
 from status import st, Status
 from shared import CreateSelect, CreateFoldersSelect, LocationIcon, DB_URL, PROD_HOST

@@ -29,7 +28,7 @@ app = Flask(__name__)
 app.config['SQLALCHEMY_DATABASE_URI'] = DB_URL
 app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
 app.config['ENV'] = os.environ['FLASK_ENV']
-app.config['SECRET_KEY'] = secrets.token_bytes(64)
+app.config['SECRET_KEY'] = b'my_insecure_PA_token_with_random_2134876adsfjhlkasdf87'

 # ldap config vars: (the last one is required, or python ldap freaks out)
 app.config['LDAP_HOST'] = 'mara.ddp.net'