use secrets instead of os.urandom

Kevin Kirsche 2021-10-12 09:00:50 -04:00 committed by David Lord
parent 8ddf80c3ea
commit 58a08a1d73
No known key found for this signature in database
GPG key ID: 7A1C87E3F5BC42A8
3 changed files with 9 additions and 9 deletions

@ -38,7 +38,7 @@ method::
app.config.update( app.config.update(
TESTING=True, TESTING=True,
SECRET_KEY=b'_5#y2L"F4Q8z\n\xec]/' SECRET_KEY='192b9bdd22ab9ed4d12e236c78afcb9a393ec15f71bbf5dc987d54727823bcbf'
) )
@ -180,8 +180,8 @@ The following configuration values are used internally by Flask:
application. It should be a long random ``bytes`` or ``str``. For application. It should be a long random ``bytes`` or ``str``. For
example, copy the output of this to your config:: example, copy the output of this to your config::
$ python -c 'import os; print(os.urandom(16))' $ python -c 'import secrets; print(secrets.token_hex()))'
b'_5#y2L"F4Q8z\n\xec]/' '192b9bdd22ab9ed4d12e236c78afcb9a393ec15f71bbf5dc987d54727823bcbf'
**Do not reveal the secret key when posting questions or committing code.** **Do not reveal the secret key when posting questions or committing code.**
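
Review bot: the new command line in this hunk has an unbalanced closing parenthesis, `print(secrets.token_hex()))`, so anyone copying it gets a SyntaxError instead of a key. Drop the extra `)` so it reads `python -c 'import secrets; print(secrets.token_hex())'`, as the other two files in this commit do.
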
@ -468,7 +468,7 @@ sure to use uppercase letters for your config keys.
Here is an example of a configuration file:: Here is an example of a configuration file::
# Example configuration # Example configuration
SECRET_KEY = b'_5#y2L"F4Q8z\n\xec]/' SECRET_KEY = '192b9bdd22ab9ed4d12e236c78afcb9a393ec15f71bbf5dc987d54727823bcbf'
Make sure to load the configuration very early on, so that extensions have Make sure to load the configuration very early on, so that extensions have
the ability to access the configuration when starting up. There are other the ability to access the configuration when starting up. There are other
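
Review bot: the example `SECRET_KEY` on the new side is a well-formed 64-character hex string, identical to the sample command output shown elsewhere in this change, so it can be pasted into a real deployment unchanged and still work. Since the same document tells readers not to reveal the secret key, consider an obviously fake placeholder here, or a comment on the line above saying the value must be generated per deployment.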

@ -847,8 +847,8 @@ sessions work::
generator. Use the following command to quickly generate a value for generator. Use the following command to quickly generate a value for
:attr:`Flask.secret_key` (or :data:`SECRET_KEY`):: :attr:`Flask.secret_key` (or :data:`SECRET_KEY`)::
$ python -c 'import os; print(os.urandom(16))' $ python -c 'import secrets; print(secrets.token_hex())'
b'_5#y2L"F4Q8z\n\xec]/' '192b9bdd22ab9ed4d12e236c78afcb9a393ec15f71bbf5dc987d54727823bcbf'
A note on cookie-based sessions: Flask will take the values you put into the A note on cookie-based sessions: Flask will take the values you put into the
session object and serialize them into a cookie. If you are finding some session object and serialize them into a cookie. If you are finding some
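
Review bot: the sample output under the new command is wrapped in single quotes, but `print()` on the `str` returned by `secrets.token_hex()` writes only the bare hex digits; the quotes were accurate only for the old `bytes` repr. Show the output without quotes, or print the `repr()`, so what readers see in their terminal matches the documentation and they know to add the quotes themselves when assigning `SECRET_KEY`.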

@ -88,9 +88,9 @@ You can use the following command to output a random secret key:
.. code-block:: none .. code-block:: none
$ python -c 'import os; print(os.urandom(16))' $ python -c 'import secrets; print(secrets.token_hex())'
b'_5#y2L"F4Q8z\n\xec]/' '192b9bdd22ab9ed4d12e236c78afcb9a393ec15f71bbf5dc987d54727823bcbf'
Create the ``config.py`` file in the instance folder, which the factory Create the ``config.py`` file in the instance folder, which the factory
will read from if it exists. Copy the generated value into it. will read from if it exists. Copy the generated value into it.
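
Review bot: `secrets.token_hex()` is called with no argument on the new command line, so the key length depends on the module default, which the `secrets` documentation says is subject to change. Passing the size explicitly, for example `secrets.token_hex(32)`, keeps the command in step with the 64-character sample value printed beneath it.
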
@ -98,7 +98,7 @@ will read from if it exists. Copy the generated value into it.
.. code-block:: python .. code-block:: python
:caption: ``venv/var/flaskr-instance/config.py`` :caption: ``venv/var/flaskr-instance/config.py``
SECRET_KEY = b'_5#y2L"F4Q8z\n\xec]/' SECRET_KEY = '192b9bdd22ab9ed4d12e236c78afcb9a393ec15f71bbf5dc987d54727823bcbf'
You can also set any other necessary configuration here, although You can also set any other necessary configuration here, although
``SECRET_KEY`` is the only one needed for Flaskr. ``SECRET_KEY`` is the only one needed for Flaskr.