Document ways to generate secret keys. This fixes #47.
This commit is contained in:
Armin Ronacher
parent
58285b61ff
commit
1264c458ae
1 changed files with 13 additions and 0 deletions
|
|
@ -659,6 +659,19 @@ sessions work::
|
||||||
The here mentioned :func:`~flask.escape` does escaping for you if you are
|
The here mentioned :func:`~flask.escape` does escaping for you if you are
|
||||||
not using the template engine (like in this example).
|
not using the template engine (like in this example).
|
||||||
|
|
||||||
|
.. admonition:: How to generate good Secret Keys
|
||||||
|
|
||||||
|
The problem with random is that it's hard to judge what random is. And
|
||||||
|
a secret key should be as random as possible. Your operating system
|
||||||
|
has ways to generate pretty random stuff based on a cryptographical
|
||||||
|
random generator which can be used to get such a key:
|
||||||
|
|
||||||
|
>>> import os
|
||||||
|
>>> os.urandom(24)
|
||||||
|
'\xfd{H\xe5<\x95\xf9\xe3\x96.5\xd1\x01O<!\xd5\xa2\xa0\x9fR"\xa1\xa8'
|
||||||
|
|
||||||
|
Just take that thing and copy/paste it into your code and you're done.
|
||||||
|
|
||||||
Message Flashing
|
Message Flashing
|
||||||
----------------
|
----------------
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue